Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1d2c8346 by Salvatore Bonaccorso at 2018-03-10T10:17:25+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -2365,31 +2365,31 @@ CVE-2018-7241 CVE-2018-7240 RESERVED CVE-2018-7239 (A DLL hijacking vulnerability exists in Schneider Electric's SoMove ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7238 (A buffer overflow vulnerability exist in the web-based GUI of ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7237 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7236 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7235 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7234 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7233 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7232 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7231 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7230 (A XML external entity (XXE) vulnerability exists in the import.cgi of ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7229 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7228 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2018-7227 (A vulnerability exists in Schneider Electric's Pelco Sarix ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2017-18191 (An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x ...) - nova <unfixed> [stretch] - nova <no-dsa> (Minor issue) @@ -19142,7 +19142,7 @@ CVE-2017-17284 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 . CVE-2017-17283 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...) NOT-FOR-US: Huawei CVE-2017-17282 (SCCP (Signalling Connection Control Part) module in Huawei DP300 ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-17281 (SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 ...) NOT-FOR-US: Huawei CVE-2017-17280 (NFC (Near Field Communication) module in Huawei mobile phones with ...) @@ -26990,7 +26990,7 @@ CVE-2017-15325 CVE-2017-15324 (Huawei S5700 and S6700 with software of V200R005C00 have a DoS ...) NOT-FOR-US: Huawei CVE-2017-15323 (Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-15322 (Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 ...) NOT-FOR-US: Huawei CVE-2017-15321 (Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an ...) @@ -27006,9 +27006,9 @@ CVE-2017-15317 (AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR12 CVE-2017-15316 (The GPU driver of Mate 9 Huawei smart phones with software before ...) NOT-FOR-US: Huawei CVE-2017-15315 (Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-15314 (Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-15313 (Huawei SmartCare V200R003C10 has a CSV injection vulnerability. An ...) NOT-FOR-US: Huawei CVE-2017-15312 (Huawei SmartCare V200R003C10 has a stored XSS (cross-site scripting) ...) @@ -40643,11 +40643,11 @@ CVE-2017-10856 (SEIL/X 4.60 to 5.72, SEIL/B1 4.60 to 5.72, SEIL/x86 3.20 to 5.72 CVE-2017-10855 (Untrusted search path vulnerability in FENCE-Explorer for Windows ...) NOT-FOR-US: FENCE-Explorer for Windows CVE-2017-10854 (Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to ...) - TODO: check + NOT-FOR-US: Corega CG-WGR1200 firmware CVE-2017-10853 (Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows ...) - TODO: check + NOT-FOR-US: Corega CG-WGR1200 firmware CVE-2017-10852 (Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows ...) - TODO: check + NOT-FOR-US: Corega CG-WGR1200 firmware CVE-2017-10851 (Untrusted search path vulnerability in Installer for ContentsBridge ...) NOT-FOR-US: Installer for ContentsBridge Utility for Windows CVE-2017-10850 (Untrusted search path vulnerability in Installers of ART EX Driver for ...) @@ -74581,15 +74581,15 @@ CVE-2016-8788 CVE-2016-8787 REJECTED CVE-2016-8786 (Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, ...) - TODO: check + NOT-FOR-US: Huawei CVE-2016-8785 (Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 ...) - TODO: check + NOT-FOR-US: Huawei CVE-2016-8784 (Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, ...) - TODO: check + NOT-FOR-US: Huawei CVE-2016-8783 (Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than ...) - TODO: check + NOT-FOR-US: Huawei CVE-2016-8782 (Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, ...) - TODO: check + NOT-FOR-US: Huawei CVE-2016-8781 (Huawei Secospace USG6300 with software V500R001C20 and ...) NOT-FOR-US: Huawei CVE-2016-8780 (Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, ...) @@ -103109,7 +103109,7 @@ CVE-2016-0288 (IBM Security AppScan Standard 8.7.x, 8.8.x, and 9.x before 9.0.3. CVE-2016-0287 (IBM i Access 7.1 on Windows allows local users to discover registry ...) NOT-FOR-US: IBM CVE-2016-0286 (IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 ...) - TODO: check + NOT-FOR-US: IBM Tivoli Business Service Manager CVE-2016-0285 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...) NOT-FOR-US: IBM CVE-2016-0284 (The XML parser in IBM Rational Collaborative Lifecycle Management ...) @@ -103129,15 +103129,15 @@ CVE-2016-0278 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domin CVE-2016-0277 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino ...) NOT-FOR-US: IBM CVE-2016-0276 (IBM Financial Transaction Manager (FTM) for ACH Services for ...) - TODO: check + NOT-FOR-US: IBM Financial Transaction Manager CVE-2016-0275 (IBM Financial Transaction Manager (FTM) for ACH Services for ...) - TODO: check + NOT-FOR-US: IBM Financial Transaction Manager CVE-2016-0274 (IBM Financial Transaction Manager (FTM) for ACH Services for ...) - TODO: check + NOT-FOR-US: IBM Financial Transaction Manager CVE-2016-0273 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...) NOT-FOR-US: IBM CVE-2016-0272 (Cross-site request forgery (CSRF) vulnerability in IBM Financial ...) - TODO: check + NOT-FOR-US: IBM Financial Transaction Manager CVE-2016-0271 (The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before ...) NOT-FOR-US: IBM CVE-2016-0270 (IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 ...) @@ -103145,7 +103145,7 @@ CVE-2016-0270 (IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack CVE-2016-0269 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x ...) NOT-FOR-US: IBM CVE-2016-0268 (XML external entity (XXE) vulnerability in IBM Financial Transaction ...) - TODO: check + NOT-FOR-US: IBM Financial Transaction Manager CVE-2016-0267 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and ...) NOT-FOR-US: IBM CVE-2016-0266 (IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the ...) @@ -103175,7 +103175,7 @@ CVE-2016-0255 (IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross CVE-2016-0254 (IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a ...) NOT-FOR-US: IBM CVE-2016-0253 (Cross-site scripting (XSS) vulnerability in IBM Financial Transaction ...) - TODO: check + NOT-FOR-US: IBM Financial Transaction Manager CVE-2016-0252 (IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control ...) NOT-FOR-US: IBM CVE-2016-0251 @@ -147156,7 +147156,7 @@ CVE-2014-2594 CVE-2014-2593 (The management console in Aruba Networks ClearPass Policy Manager ...) NOT-FOR-US: Aruba Networks ClearPass Policy Manager CVE-2014-2592 (Unrestricted file upload vulnerability in Aruba Web Management portal ...) - TODO: check + NOT-FOR-US: Aruba Web Management portal CVE-2014-2591 (Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 ...) NOT-FOR-US: AIX CVE-2014-2590 (The web management interface in Siemens RuggedCom ROS before 3.11, ROS ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d2c834647b4adccb8445e7decfa66eb7968f7f2 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d2c834647b4adccb8445e7decfa66eb7968f7f2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits