Author: jmm Date: 2017-09-08 09:16:58 +0000 (Fri, 08 Sep 2017) New Revision: 55568
Modified: data/CVE/list Log: NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-09-08 09:11:54 UTC (rev 55567) +++ data/CVE/list 2017-09-08 09:16:58 UTC (rev 55568) @@ -191,7 +191,7 @@ CVE-2017-14148 RESERVED CVE-2017-14147 (An issue was discovered on FiberHome User End Routers Bearing Model ...) - TODO: check + NOT-FOR-US: FiberHome CVE-2017-14146 (HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary ...) NOT-FOR-US: HelpDEZk CVE-2017-14145 (HelpDEZk 1.1.1 has SQL Injection in ...) @@ -1137,7 +1137,7 @@ [wheezy] - sleuthkit <ignored> (Minor issue) NOTE: https://github.com/sleuthkit/sleuthkit/issues/913 CVE-2017-13754 (Cross-site scripting (XSS) vulnerability in the "advanced settings - ...) - TODO: check + NOT-FOR-US: Wibu-Systems CVE-2016-10507 (Integer overflow vulnerability in the bmp24toimage function in ...) - openjpeg2 2.1.2-1 [jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later) @@ -5496,39 +5496,39 @@ CVE-2017-12228 RESERVED CVE-2017-12227 (A vulnerability in the SQL database interface for Cisco Emergency ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12226 RESERVED CVE-2017-12225 (A vulnerability in the web functionality of the Cisco Prime LAN ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12224 (A vulnerability in the ability for guest users to join meetings via a ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12223 (A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12222 RESERVED CVE-2017-12221 (A vulnerability in the web framework of Cisco Firepower Management ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12220 (A vulnerability in the web-based management interface of Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12219 RESERVED CVE-2017-12218 (A vulnerability in the malware detection functionality within Advanced ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12217 (A vulnerability in the General Packet Radio Service (GPRS) Tunneling ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12216 (A vulnerability in the web-based user interface of Cisco SocialMiner ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12215 RESERVED CVE-2017-12214 RESERVED CVE-2017-12213 (A vulnerability in the dynamic access control list (ACL) feature of ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12212 (A vulnerability in the web framework of Cisco Unity Connection could ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12211 (A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) ...) - TODO: check + NOT-FOR-US: Cisco CVE-2017-12210 RESERVED CVE-2017-12209 @@ -7219,7 +7219,7 @@ - fontforge <unfixed> (bug #869614) NOTE: https://github.com/fontforge/fontforge/issues/3089 CVE-2017-11567 (Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server ...) - TODO: check + NOT-FOR-US: Mongoose CVE-2017-11566 (AppUse 4.0 allows shell command injection via a proxy field. ...) NOT-FOR-US: AppUse CVE-2017-1002151 [pagure: private repositories accessible through ssh] @@ -69477,7 +69477,7 @@ CVE-2016-0733 (The Admin UI in Apache Ranger before 0.5.1 does not properly handle ...) NOT-FOR-US: Apache Ranger CVE-2016-0732 (The identity zones feature in Pivotal Cloud Foundry 208 through 229; ...) - TODO: check + NOT-FOR-US: Pivotal Cloud Foundry CVE-2016-0731 (The File Browser View in Apache Ambari before 2.2.1 allows remote ...) NOT-FOR-US: Apache Ambari CVE-2016-0730 @@ -74138,7 +74138,7 @@ CVE-2015-7675 (The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and ...) NOT-FOR-US: MOVEit File Transfer web- and mobile application CVE-2015-7672 (Cross-site scripting (XSS) vulnerability in Centreon 2.6.1. ...) - TODO: check + NOT-FOR-US: Centreon CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before ...) {DSA-3154-1 DLA-149-1} - ntp 1:4.2.6.p5+dfsg-4 @@ -81473,7 +81473,7 @@ CVE-2015-5061 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...) NOT-FOR-US: Zoho ManageEngine AssetExplorer CVE-2015-5060 (Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev. ...) - TODO: check + NOT-FOR-US: anchor-cms CVE-2015-5058 (Memory leak in the virtual server component in F5 Big-IP LTM, AAM, ...) NOT-FOR-US: F5 BIG-IP CVE-2015-5056 @@ -81487,7 +81487,7 @@ [jessie] - nvidia-graphics-drivers <not-affected> (Only affects R352 and R346 Linux branches) [wheezy] - nvidia-graphics-drivers <not-affected> (Only affects R352 and R346 Linux branches) CVE-2015-5052 (SQL injection vulnerability in Sefrengo before 1.6.5 beta2. ...) - TODO: check + NOT-FOR-US: Sefrengo CVE-2015-5051 (IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before ...) NOT-FOR-US: IBM CVE-2015-5050 (Cross-site request forgery (CSRF) vulnerability in IBM Emptoris ...) @@ -82373,13 +82373,13 @@ CVE-2015-4725 (Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare ...) NOT-FOR-US: AudioShare CVE-2015-4724 (SQL injection vulnerability in Concrete5 5.7.3.1. ...) - TODO: check + NOT-FOR-US: Concrete5 CVE-2015-4723 RESERVED CVE-2015-4722 RESERVED CVE-2015-4721 (Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 ...) - TODO: check + NOT-FOR-US: Concrete5 CVE-2015-4720 REJECTED CVE-2015-4719 @@ -86277,9 +86277,9 @@ CVE-2015-3316 (CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, ...) NOT-FOR-US: CA Common Services in ca.com products CVE-2015-3314 (SQL injection vulnerability in WordPress Tune Library plugin before ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2015-3313 (SQL injection vulnerability in WordPress Community Events plugin ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2015-3312 RESERVED CVE-2015-3311 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits