Author: jmm Date: 2017-05-02 21:23:51 +0000 (Tue, 02 May 2017) New Revision: 51292
Modified: data/CVE/list Log: NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-05-02 21:21:25 UTC (rev 51291) +++ data/CVE/list 2017-05-02 21:23:51 UTC (rev 51292) @@ -2776,7 +2776,7 @@ CVE-2017-7441 RESERVED CVE-2017-7440 (Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop ...) - TODO: check + NOT-FOR-US: Kerio CVE-2017-7439 RESERVED CVE-2017-7438 @@ -3692,7 +3692,7 @@ CVE-2017-7217 (The Management Web Interface in Palo Alto Networks PAN-OS before ...) NOT-FOR-US: Palo Alto Networks PAN-OS CVE-2017-7216 (The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 ...) - TODO: check + NOT-FOR-US: Palo Alto Networks PAN-OS CVE-2016-10255 (The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils ...) - elfutils 0.168-0.2 (low) [jessie] - elfutils <no-dsa> (Minor issue) @@ -5225,7 +5225,7 @@ CVE-2017-6552 (Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently ...) NOT-FOR-US: Livebox 3 Sagemcom CVE-2017-6551 (Pexip Infinity before 14.2 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Pexip Infinity CVE-2017-6550 (Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson ...) NOT-FOR-US: Kinsey Infor-Lawson CVE-2017-6549 (Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, ...) @@ -7783,7 +7783,7 @@ CVE-2017-5690 RESERVED CVE-2017-5689 (An unprivileged network attacker could gain system privileges to ...) - TODO: check + NOT-FOR-US: Intel AMT CVE-2017-5688 RESERVED CVE-2017-5687 @@ -34752,7 +34752,7 @@ CVE-2016-5811 (An issue was discovered in Visonic PowerLink2, all versions prior to ...) NOT-FOR-US: Visonic PowerLink CVE-2016-5810 (upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote ...) - TODO: check + NOT-FOR-US: Advantech WebAccess CVE-2016-5809 (An issue was discovered on Schneider Electric IONXXXX series power ...) NOT-FOR-US: Schneider CVE-2016-5808 @@ -37990,7 +37990,7 @@ CVE-2016-5064 RESERVED CVE-2016-5063 (The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 ...) - TODO: check + NOT-FOR-US: BMC Server Automation CVE-2016-5062 (The web server in Aternity before 9.0.1 does not require ...) NOT-FOR-US: Aternity CVE-2016-5061 (Multiple cross-site scripting (XSS) vulnerabilities in the web server ...) @@ -38107,7 +38107,7 @@ NOTE: Mitigations exists in https://pivotal.io/security/cve-2016-5007 NOTE: Other (already unsupported) versions are affected as well by the issue CVE-2016-5006 (The Cloud Controller in Cloud Foundry before 239 logs user-provided ...) - TODO: check + NOT-FOR-US: Cloud Foundry CVE-2016-5005 (Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and ...) NOT-FOR-US: Apache Archiva CVE-2016-5004 @@ -39954,7 +39954,7 @@ CVE-2016-4443 (Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local ...) NOT-FOR-US: org.ovirt.engine-root / engine-setup (Red Hat) CVE-2016-4442 (The rack-mini-profiler gem before 0.10.1 for Ruby allows remote ...) - TODO: check + NOT-FOR-US: rack-mini-profiler gem CVE-2016-4441 (The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI ...) - qemu 1:2.6+dfsg-2 (bug #824856) [jessie] - qemu <no-dsa> (Minor issue; can be fixed along with a future DSA) @@ -54976,7 +54976,7 @@ CVE-2015-8258 (AXIS Communications products with firmware through 5.80.x allow remote ...) NOT-FOR-US: AXIS Communications CVE-2015-8257 (The devtools.sh script in AXIS network cameras allows remote ...) - TODO: check + NOT-FOR-US: Axis network cameras CVE-2015-8256 (Multiple cross-site scripting (XSS) vulnerabilities in Axis network ...) NOT-FOR-US: Axis network cameras CVE-2015-8255 (AXIS Communications products allow CSRF, as demonstrated by ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits