Author: jmm
Date: 2017-10-17 21:21:27 +0000 (Tue, 17 Oct 2017)
New Revision: 56790
Modified:
data/CVE/list
Log:
NFUs
two potential jasperreports issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-17 21:15:35 UTC (rev 56789)
+++ data/CVE/list 2017-10-17 21:21:27 UTC (rev 56790)
@@ -1,5 +1,5 @@
CVE-2017-15538 (Stored XSS vulnerability in the Media Objects component of
ILIAS before ...)
- TODO: check
+ NOT-FOR-US: ILIAS
CVE-2017-15536
RESERVED
CVE-2017-15535
@@ -27228,7 +27228,7 @@
CVE-2017-6274
RESERVED
CVE-2017-6273 (NVIDIA ADSP Firmware contains a vulnerability in the ADSP
Loader ...)
- TODO: check
+ NOT-FOR-US: NVIDIA ADSP Firmware
CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the
kernel mode ...)
[experimental] - nvidia-graphics-drivers 384.90-1
- nvidia-graphics-drivers <unfixed> (bug #876414)
@@ -29584,13 +29584,13 @@
CVE-2017-5532
RESERVED
CVE-2017-5531 (Deployments of TIBCO Managed File Transfer Command Center
versions ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2017-5530
RESERVED
CVE-2017-5529 (JasperReports library components contain an information
disclosure ...)
- NOT-FOR-US: JasperReports
+ - jasperreports <undetermined>
CVE-2017-5528 (Multiple JasperReports Server components contain
vulnerabilities ...)
- NOT-FOR-US: JasperReports
+ - jasperreports <undetermined>
CVE-2017-5527 (TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1,
7.6.x ...)
NOT-FOR-US: TIBCO Spotfire Server
CVE-2016-10162 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP
7.0.x ...)
@@ -34525,13 +34525,13 @@
CVE-2017-3762
RESERVED
CVE-2017-3761 (The Lenovo Service Framework Android application executes some
system ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2017-3760 (The Lenovo Service Framework Android application uses a set of
...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2017-3759 (The Lenovo Service Framework Android application accepts some
...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2017-3758 (Improper access controls on several Android components in the
Lenovo ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2017-3757 (An unquoted service path vulnerability was identified in the
driver ...)
NOT-FOR-US: Lenovo
CVE-2017-3756 (A privilege escalation vulnerability was identified in Lenovo
Active ...)
@@ -43651,7 +43651,7 @@
CVE-2017-0317 (All versions of NVIDIA GPU and GeForce Experience installer
contain a ...)
NOT-FOR-US: NVIDIA drivers for Windows
CVE-2017-0316 (In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA
Installer ...)
- TODO: check
+ NOT-FOR-US: NVIDIA Installer Framework
CVE-2017-0315 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
NOT-FOR-US: NVIDIA drivers for Windows
CVE-2017-0314 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
@@ -77876,7 +77876,7 @@
CVE-2015-7807
RESERVED
CVE-2015-7806 (Eval injection vulnerability in the fm_saveHelperGatherItems
function ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-7805 (Heap-based buffer overflow in libsndfile 1.0.25 allows remote
...)
{DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-10 (bug #804445)
@@ -93723,7 +93723,7 @@
NOTE: http://article.gmane.org/gmane.comp.security.oss.general/15022
NOTE: https://www.mantisbt.org/bugs/view.php?id=19493
CVE-2014-9697 (Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote
...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2014-9696 (The Hyper Module Management (HMM) software of Huawei Tecal
E9000 ...)
NOT-FOR-US: Huawei
CVE-2014-9695 (The Hyper Module Management (HMM) software of Huawei Tecal
E9000 ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
