Author: jmm
Date: 2017-10-22 10:07:25 +0000 (Sun, 22 Oct 2017)
New Revision: 56913
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-22 10:03:16 UTC (rev 56912)
+++ data/CVE/list 2017-10-22 10:07:25 UTC (rev 56913)
@@ -107,23 +107,23 @@
CVE-2017-15736 (Cross-site scripting (XSS) vulnerability (stored) in SPIP
before 3.1.7 ...)
TODO: check
CVE-2017-15735 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery
(CSRF) ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15734 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery
(CSRF) in ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15733 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery
(CSRF) in ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15732 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery
(CSRF) in ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15731 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery
(CSRF) in ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15730 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery
(CSRF) in ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15729 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery
(CSRF) ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15728 (In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting
(XSS) ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15727 (In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting
(XSS) ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2017-15726
RESERVED
CVE-2017-15725
@@ -2171,7 +2171,7 @@
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bd61e135492ecf624880e6b78e5fcde3c9716df6
NOTE:
https://blogs.gentoo.org/ago/2017/09/26/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c/
CVE-2017-14937 (The airbag detonation algorithm allows injury to passenger-car
...)
- TODO: check
+ NOT-FOR-US: passenger-car
CVE-2017-14936
RESERVED
CVE-2016-10512 (MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted
for ...)
@@ -6865,7 +6865,7 @@
CVE-2017-13128
RESERVED
CVE-2017-13127 (The VIP.com application for IOS and Android allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: VIP.com app
CVE-2017-13126
RESERVED
CVE-2017-13125
@@ -9036,7 +9036,7 @@
CVE-2017-12580
RESERVED
CVE-2017-12579 (An insecure suid wrapper binary in the HashiCorp Vagrant
VMware Fusion ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
CVE-2017-12578
RESERVED
CVE-2017-12577
@@ -9683,7 +9683,7 @@
CVE-2017-12318
RESERVED
CVE-2017-12317 (The Cisco AMP For Endpoints application allows an
authenticated, local ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-12316
RESERVED
CVE-2017-12315
@@ -81915,7 +81915,7 @@
CVE-2015-6669
RESERVED
CVE-2015-6668 (The Job Manager plugin before 0.7.25 allows remote attackers to
read ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2015-6667
RESERVED
CVE-2015-6664 (XML external entity (XXE) vulnerability in the application
import ...)
@@ -118431,7 +118431,7 @@
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
CVE-2014-3164 (cmds/servicemanager/service_manager.c in Android before commit
...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2014-3163
RESERVED
CVE-2014-3162 (Multiple unspecified vulnerabilities in Google Chrome before
...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
