Author: carnil
Date: 2017-08-25 21:16:41 +0000 (Fri, 25 Aug 2017)
New Revision: 55089
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-25 21:10:13 UTC (rev 55088)
+++ data/CVE/list 2017-08-25 21:16:41 UTC (rev 55089)
@@ -15,7 +15,7 @@
CVE-2017-13698
RESERVED
CVE-2017-13697 (controllers/member/api.php in dayrui FineCms 5.0.11 has XSS
related to ...)
- TODO: check
+ NOT-FOR-US: FineCMS
CVE-2017-13696
RESERVED
CVE-2017-1000122
@@ -2490,9 +2490,9 @@
CVE-2017-12818
RESERVED
CVE-2017-12817 (In Kaspersky Internet Security for Android 11.12.4.1622, some
of the ...)
- TODO: check
+ NOT-FOR-US: Kaspersky Internet Security for Android
CVE-2017-12816 (In Kaspersky Internet Security for Android 11.12.4.1622, some
of ...)
- TODO: check
+ NOT-FOR-US: Kaspersky Internet Security for Android
CVE-2017-12815
RESERVED
CVE-2017-12814
@@ -2761,11 +2761,11 @@
CVE-2017-12710
RESERVED
CVE-2017-12709 (A Use of Hard-Coded Credentials issue was discovered in
MRD-305-DIN ...)
- TODO: check
+ NOT-FOR-US: Westermo devices
CVE-2017-12708
RESERVED
CVE-2017-12707 (A Stack-based Buffer Overflow issue was discovered in
SpiderControl ...)
- TODO: check
+ NOT-FOR-US: SpiderControl SCADA MicroBrowser
CVE-2017-12706
RESERVED
CVE-2017-12705
@@ -2773,7 +2773,7 @@
CVE-2017-12704
RESERVED
CVE-2017-12703 (A Cross-Site Request Forgery (CSRF) issue was discovered in
Westermo ...)
- TODO: check
+ NOT-FOR-US: Westermo
CVE-2017-12702
RESERVED
CVE-2017-12701
@@ -2791,7 +2791,7 @@
CVE-2017-12695
RESERVED
CVE-2017-12694 (A Directory Traversal issue was discovered in SpiderControl
SCADA Web ...)
- TODO: check
+ NOT-FOR-US: SpiderControl SCADA Web Server
CVE-2017-1000101 [URL globbing out of bounds read]
- curl 7.55.0-1 (bug #871554)
[wheezy] - curl <not-affected> (Vulnerable code not present, introduced
later in 7.34.0)
@@ -10844,7 +10844,7 @@
CVE-2017-9651
RESERVED
CVE-2017-9650 (An Unrestricted Upload of File with Dangerous Type issue was
discovered ...)
- TODO: check
+ NOT-FOR-US: Automated Logic Corporation (ALC)
CVE-2017-9649
RESERVED
CVE-2017-9648 (An Uncontrolled Search Path Element issue was discovered in
Solar ...)
@@ -10856,7 +10856,7 @@
CVE-2017-9645
RESERVED
CVE-2017-9644 (An Unquoted Search Path or Element issue was discovered in
Automated ...)
- TODO: check
+ NOT-FOR-US: Automated Logic Corporation (ALC)
CVE-2017-9643
RESERVED
CVE-2017-9642
@@ -10864,7 +10864,7 @@
CVE-2017-9641
RESERVED
CVE-2017-9640 (A Path Traversal issue was discovered in Automated Logic
Corporation ...)
- TODO: check
+ NOT-FOR-US: Automated Logic Corporation (ALC)
CVE-2017-9639 (An issue was discovered in Fuji Electric V-Server Version
3.3.22.0 and ...)
NOT-FOR-US: Fuji Electric V-Server
CVE-2017-9638
@@ -15781,7 +15781,7 @@
CVE-2017-7935 (A Resource Exhaustion issue was discovered in Phoenix Contact
GmbH ...)
NOT-FOR-US: Phoenix Contact
CVE-2017-7934 (An Improper Authentication issue was discovered in OSIsoft PI
Server ...)
- TODO: check
+ NOT-FOR-US: OSIsoft
CVE-2017-7933
RESERVED
CVE-2017-7932 (An improper certificate validation issue was discovered in NXP
i.MX 28 ...)
@@ -15789,7 +15789,7 @@
CVE-2017-7931
RESERVED
CVE-2017-7930 (An Improper Authentication issue was discovered in OSIsoft PI
Server ...)
- TODO: check
+ NOT-FOR-US: OSIsoft
CVE-2017-7929 (An Absolute Path Traversal issue was discovered in Advantech
WebAccess ...)
NOT-FOR-US: Advantech WebAccess
CVE-2017-7928 (An Improper Access Control issue was discovered in Schweitzer
...)
@@ -15797,7 +15797,7 @@
CVE-2017-7927 (A Use of Password Hash Instead of Password for Authentication
issue was ...)
NOT-FOR-US: Dahua
CVE-2017-7926 (A Cross-Site Request Forgery issue was discovered in OSIsoft PI
Web API ...)
- TODO: check
+ NOT-FOR-US: OSIsoft
CVE-2017-7925 (A Password in Configuration File issue was discovered in Dahua
...)
NOT-FOR-US: Dahua
CVE-2017-7924
@@ -50308,7 +50308,7 @@
CVE-2016-5817 (SQL injection vulnerability in news pages in Cargotec Navis
WebAccess ...)
NOT-FOR-US: Cargotec
CVE-2016-5816 (A Use of Hard-Coded Cryptographic Key issue was discovered in
...)
- TODO: check
+ NOT-FOR-US: Westermo
CVE-2016-5815 (An issue was discovered on Schneider Electric IONXXXX series
power ...)
NOT-FOR-US: Schneider
CVE-2016-5814 (Buffer overflow in Rockwell Automation RSLogix Micro Starter
Lite, ...)
@@ -93515,7 +93515,7 @@
CVE-2014-9565
RESERVED
CVE-2014-9564 (CRLF injection vulnerability in IBM Flex System EN6131 40Gb
Ethernet ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-9563
RESERVED
CVE-2014-9562 (Cross-site scripting (XSS) vulnerability in display_dialog.php
in M2 ...)
@@ -100003,13 +100003,13 @@
[wheezy] - swift <no-dsa> (Minor issue)
NOTE: affected version: all up to 2.1.0
CVE-2014-7860 (The web/web_file/fb_publish.php script in D-Link DNS-320L
before ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2014-7859 (Stack-based buffer overflow in login_mgr.cgi in D-Link firmware
...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2014-7858 (The check_login function in D-Link DNR-326 before 2.10 build 03
allows ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2014-7857 (D-Link DNS-320L firmware before 1.04b12, DNS-327L before
1.03b04 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2014-7856
RESERVED
CVE-2014-7855
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
