Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1d2c8346 by Salvatore Bonaccorso at 2018-03-10T10:17:25+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2365,31 +2365,31 @@ CVE-2018-7241
CVE-2018-7240
RESERVED
CVE-2018-7239 (A DLL hijacking vulnerability exists in Schneider Electric's
SoMove ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7238 (A buffer overflow vulnerability exist in the web-based GUI of
...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7237 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7236 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7235 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7234 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7233 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7232 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7231 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7230 (A XML external entity (XXE) vulnerability exists in the
import.cgi of ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7229 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7228 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2018-7227 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2017-18191 (An issue was discovered in OpenStack Nova 15.x through 15.1.0
and 16.x ...)
- nova <unfixed>
[stretch] - nova <no-dsa> (Minor issue)
@@ -19142,7 +19142,7 @@ CVE-2017-17284 (Huawei DP300 V500R002C00, RP200
V500R002C00, V600R006C00, TE30 .
CVE-2017-17283 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
NOT-FOR-US: Huawei
CVE-2017-17282 (SCCP (Signalling Connection Control Part) module in Huawei
DP300 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17281 (SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00;
TE30 ...)
NOT-FOR-US: Huawei
CVE-2017-17280 (NFC (Near Field Communication) module in Huawei mobile phones
with ...)
@@ -26990,7 +26990,7 @@ CVE-2017-15325
CVE-2017-15324 (Huawei S5700 and S6700 with software of V200R005C00 have a DoS
...)
NOT-FOR-US: Huawei
CVE-2017-15323 (Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20,
...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-15322 (Some Huawei smartphones with software of
BGO-L03C158B003CUSTC158D001 ...)
NOT-FOR-US: Huawei
CVE-2017-15321 (Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an
...)
@@ -27006,9 +27006,9 @@ CVE-2017-15317 (AR120-S V200R006C10, V200R007C00,
V200R008C20, V200R008C30; AR12
CVE-2017-15316 (The GPU driver of Mate 9 Huawei smart phones with software
before ...)
NOT-FOR-US: Huawei
CVE-2017-15315 (Patch module of Huawei NIP6300 V500R001C20SPC100,
V500R001C20SPC200, ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-15314 (Huawei DP300 V500R002C00, RP200 V500R002C00SPC200,
V600R006C00, TE30 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-15313 (Huawei SmartCare V200R003C10 has a CSV injection
vulnerability. An ...)
NOT-FOR-US: Huawei
CVE-2017-15312 (Huawei SmartCare V200R003C10 has a stored XSS (cross-site
scripting) ...)
@@ -40643,11 +40643,11 @@ CVE-2017-10856 (SEIL/X 4.60 to 5.72, SEIL/B1 4.60 to
5.72, SEIL/x86 3.20 to 5.72
CVE-2017-10855 (Untrusted search path vulnerability in FENCE-Explorer for
Windows ...)
NOT-FOR-US: FENCE-Explorer for Windows
CVE-2017-10854 (Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker
to ...)
- TODO: check
+ NOT-FOR-US: Corega CG-WGR1200 firmware
CVE-2017-10853 (Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: Corega CG-WGR1200 firmware
CVE-2017-10852 (Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: Corega CG-WGR1200 firmware
CVE-2017-10851 (Untrusted search path vulnerability in Installer for
ContentsBridge ...)
NOT-FOR-US: Installer for ContentsBridge Utility for Windows
CVE-2017-10850 (Untrusted search path vulnerability in Installers of ART EX
Driver for ...)
@@ -74581,15 +74581,15 @@ CVE-2016-8788
CVE-2016-8787
REJECTED
CVE-2016-8786 (Huawei S12700 V200R005C00, V200R006C00, V200R007C00,
V200R008C00, ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-8785 (Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00,
S7700 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-8784 (Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00,
...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-8783 (Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than
...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-8782 (Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00,
...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-8781 (Huawei Secospace USG6300 with software V500R001C20 and ...)
NOT-FOR-US: Huawei
CVE-2016-8780 (Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800
V100R006C00, ...)
@@ -103109,7 +103109,7 @@ CVE-2016-0288 (IBM Security AppScan Standard 8.7.x,
8.8.x, and 9.x before 9.0.3.
CVE-2016-0287 (IBM i Access 7.1 on Windows allows local users to discover
registry ...)
NOT-FOR-US: IBM
CVE-2016-0286 (IBM Tivoli Business Service Manager 6.1.0 before
6.1.0-TIV-BSM-FP0004 ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Business Service Manager
CVE-2016-0285 (Cross-site scripting (XSS) vulnerability in IBM Rational
Collaborative ...)
NOT-FOR-US: IBM
CVE-2016-0284 (The XML parser in IBM Rational Collaborative Lifecycle
Management ...)
@@ -103129,15 +103129,15 @@ CVE-2016-0278 (Heap-based buffer overflow in the
KeyView PDF filter in IBM Domin
CVE-2016-0277 (Heap-based buffer overflow in the KeyView PDF filter in IBM
Domino ...)
NOT-FOR-US: IBM
CVE-2016-0276 (IBM Financial Transaction Manager (FTM) for ACH Services for
...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2016-0275 (IBM Financial Transaction Manager (FTM) for ACH Services for
...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2016-0274 (IBM Financial Transaction Manager (FTM) for ACH Services for
...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2016-0273 (Cross-site scripting (XSS) vulnerability in IBM Rational
Collaborative ...)
NOT-FOR-US: IBM
CVE-2016-0272 (Cross-site request forgery (CSRF) vulnerability in IBM
Financial ...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2016-0271 (The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x
before ...)
NOT-FOR-US: IBM
CVE-2016-0270 (IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix
Pack 5 ...)
@@ -103145,7 +103145,7 @@ CVE-2016-0270 (IBM Domino 9.0.1 Fix Pack 3 Interim
Fix 2 through 9.0.1 Fix Pack
CVE-2016-0269 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform
9.x ...)
NOT-FOR-US: IBM
CVE-2016-0268 (XML external entity (XXE) vulnerability in IBM Financial
Transaction ...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2016-0267 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before
6.1.3.3, and ...)
NOT-FOR-US: IBM
CVE-2016-0266 (IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to
the ...)
@@ -103175,7 +103175,7 @@ CVE-2016-0255 (IBM Marketing Platform 9.1 and 10.0 is
vulnerable to stored cross
CVE-2016-0254 (IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to
a ...)
NOT-FOR-US: IBM
CVE-2016-0253 (Cross-site scripting (XSS) vulnerability in IBM Financial
Transaction ...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2016-0252 (IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling
Control ...)
NOT-FOR-US: IBM
CVE-2016-0251
@@ -147156,7 +147156,7 @@ CVE-2014-2594
CVE-2014-2593 (The management console in Aruba Networks ClearPass Policy
Manager ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2014-2592 (Unrestricted file upload vulnerability in Aruba Web Management
portal ...)
- TODO: check
+ NOT-FOR-US: Aruba Web Management portal
CVE-2014-2591 (Untrusted search path vulnerability in BMC Patrol for AIX
3.9.00 ...)
NOT-FOR-US: AIX
CVE-2014-2590 (The web management interface in Siemens RuggedCom ROS before
3.11, ROS ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d2c834647b4adccb8445e7decfa66eb7968f7f2
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d2c834647b4adccb8445e7decfa66eb7968f7f2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
