Author: jmm
Date: 2017-09-08 09:16:58 +0000 (Fri, 08 Sep 2017)
New Revision: 55568
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-08 09:11:54 UTC (rev 55567)
+++ data/CVE/list 2017-09-08 09:16:58 UTC (rev 55568)
@@ -191,7 +191,7 @@
CVE-2017-14148
RESERVED
CVE-2017-14147 (An issue was discovered on FiberHome User End Routers Bearing
Model ...)
- TODO: check
+ NOT-FOR-US: FiberHome
CVE-2017-14146 (HelpDEZk 1.1.1 allows remote authenticated users to execute
arbitrary ...)
NOT-FOR-US: HelpDEZk
CVE-2017-14145 (HelpDEZk 1.1.1 has SQL Injection in ...)
@@ -1137,7 +1137,7 @@
[wheezy] - sleuthkit <ignored> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/913
CVE-2017-13754 (Cross-site scripting (XSS) vulnerability in the "advanced
settings - ...)
- TODO: check
+ NOT-FOR-US: Wibu-Systems
CVE-2016-10507 (Integer overflow vulnerability in the bmp24toimage function in
...)
- openjpeg2 2.1.2-1
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later)
@@ -5496,39 +5496,39 @@
CVE-2017-12228
RESERVED
CVE-2017-12227 (A vulnerability in the SQL database interface for Cisco
Emergency ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12226
RESERVED
CVE-2017-12225 (A vulnerability in the web functionality of the Cisco Prime
LAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12224 (A vulnerability in the ability for guest users to join
meetings via a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12223 (A vulnerability in the ROM Monitor (ROMMON) code of Cisco
IR800 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12222
RESERVED
CVE-2017-12221 (A vulnerability in the web framework of Cisco Firepower
Management ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12220 (A vulnerability in the web-based management interface of Cisco
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12219
RESERVED
CVE-2017-12218 (A vulnerability in the malware detection functionality within
Advanced ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12217 (A vulnerability in the General Packet Radio Service (GPRS)
Tunneling ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12216 (A vulnerability in the web-based user interface of Cisco
SocialMiner ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12215
RESERVED
CVE-2017-12214
RESERVED
CVE-2017-12213 (A vulnerability in the dynamic access control list (ACL)
feature of ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12212 (A vulnerability in the web framework of Cisco Unity Connection
could ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12211 (A vulnerability in the IPv6 Simple Network Management Protocol
(SNMP) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12210
RESERVED
CVE-2017-12209
@@ -7219,7 +7219,7 @@
- fontforge <unfixed> (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3089
CVE-2017-11567 (Cross-site request forgery (CSRF) vulnerability in Mongoose
Web Server ...)
- TODO: check
+ NOT-FOR-US: Mongoose
CVE-2017-11566 (AppUse 4.0 allows shell command injection via a proxy field.
...)
NOT-FOR-US: AppUse
CVE-2017-1002151 [pagure: private repositories accessible through ssh]
@@ -69477,7 +69477,7 @@
CVE-2016-0733 (The Admin UI in Apache Ranger before 0.5.1 does not properly
handle ...)
NOT-FOR-US: Apache Ranger
CVE-2016-0732 (The identity zones feature in Pivotal Cloud Foundry 208 through
229; ...)
- TODO: check
+ NOT-FOR-US: Pivotal Cloud Foundry
CVE-2016-0731 (The File Browser View in Apache Ambari before 2.2.1 allows
remote ...)
NOT-FOR-US: Apache Ambari
CVE-2016-0730
@@ -74138,7 +74138,7 @@
CVE-2015-7675 (The "Send as attachment" feature in Ipswitch MOVEit
DMZ before 8.2 and ...)
NOT-FOR-US: MOVEit File Transfer web- and mobile application
CVE-2015-7672 (Cross-site scripting (XSS) vulnerability in Centreon 2.6.1. ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x
before ...)
{DSA-3154-1 DLA-149-1}
- ntp 1:4.2.6.p5+dfsg-4
@@ -81473,7 +81473,7 @@
CVE-2015-5061 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine
...)
NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2015-5060 (Cross-site scripting (XSS) vulnerability in anchor-cms before
0.9-dev. ...)
- TODO: check
+ NOT-FOR-US: anchor-cms
CVE-2015-5058 (Memory leak in the virtual server component in F5 Big-IP LTM,
AAM, ...)
NOT-FOR-US: F5 BIG-IP
CVE-2015-5056
@@ -81487,7 +81487,7 @@
[jessie] - nvidia-graphics-drivers <not-affected> (Only affects R352
and R346 Linux branches)
[wheezy] - nvidia-graphics-drivers <not-affected> (Only affects R352
and R346 Linux branches)
CVE-2015-5052 (SQL injection vulnerability in Sefrengo before 1.6.5 beta2. ...)
- TODO: check
+ NOT-FOR-US: Sefrengo
CVE-2015-5051 (IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6
before ...)
NOT-FOR-US: IBM
CVE-2015-5050 (Cross-site request forgery (CSRF) vulnerability in IBM Emptoris
...)
@@ -82373,13 +82373,13 @@
CVE-2015-4725 (Cross-site scripting (XSS) vulnerability in forgot.php in
AudioShare ...)
NOT-FOR-US: AudioShare
CVE-2015-4724 (SQL injection vulnerability in Concrete5 5.7.3.1. ...)
- TODO: check
+ NOT-FOR-US: Concrete5
CVE-2015-4723
RESERVED
CVE-2015-4722
RESERVED
CVE-2015-4721 (Multiple cross-site scripting (XSS) vulnerabilities in
Concrete5 ...)
- TODO: check
+ NOT-FOR-US: Concrete5
CVE-2015-4720
REJECTED
CVE-2015-4719
@@ -86277,9 +86277,9 @@
CVE-2015-3316 (CA Common Services, as used in CA Client Automation r12.5 SP01,
r12.8, ...)
NOT-FOR-US: CA Common Services in ca.com products
CVE-2015-3314 (SQL injection vulnerability in WordPress Tune Library plugin
before ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-3313 (SQL injection vulnerability in WordPress Community Events
plugin ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-3312
RESERVED
CVE-2015-3311
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
