[Secure-testing-commits] r52602 - data/CVE

Thu, 15 Jun 2017 21:50:06 -0700 

Author: carnil
Date: 2017-06-16 04:49:26 +0000 (Fri, 16 Jun 2017)
New Revision: 52602

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-16 04:12:19 UTC (rev 52601)
+++ data/CVE/list       2017-06-16 04:49:26 UTC (rev 52602)
@@ -99,11 +99,11 @@
 CVE-2017-9676
        RESERVED
 CVE-2017-9675 (On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin 
allows an ...)
-       TODO: check
+       NOT-FOR-US: D-Link DIR-605L devices
 CVE-2017-9674 (In SimpleCE 2.3.0, an authenticated XSS vulnerability was found 
on ...)
-       TODO: check
+       NOT-FOR-US: SimpleCE
 CVE-2017-9673 (In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add 
an ...)
-       TODO: check
+       NOT-FOR-US: SimpleCE
 CVE-2017-9672
        RESERVED
 CVE-2017-9671
@@ -227,7 +227,7 @@
 CVE-2017-9614
        RESERVED
 CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP 
SuccessFactors ...)
-       TODO: check
+       NOT-FOR-US: SAP SuccessFactors
 CVE-2017-9612
        RESERVED
 CVE-2017-9611
@@ -476,7 +476,7 @@
 CVE-2017-9506
        RESERVED
 CVE-2017-9505 (Atlassian Confluence starting with 4.3.0 before 6.2.1 did not 
check if ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Confluence
 CVE-2017-9504
        RESERVED
 CVE-2017-9503 [scsi: null pointer dereference while processing megasas command]
@@ -717,7 +717,7 @@
 CVE-2017-9420 (Cross site scripting (XSS) vulnerability in the Spiffy Calendar 
plugin ...)
        NOT-FOR-US: Spiffy Calendar plugin for WordPress
 CVE-2017-9419 (Cross-site scripting (XSS) vulnerability in the Webhammer WP 
Custom ...)
-       TODO: check
+       NOT-FOR-US: Webhammer WP Custom Fields Search plugin for WordPress
 CVE-2017-9418 (SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 
for ...)
        NOT-FOR-US: WP-Testimonials plugin for WordPress
 CVE-2017-9417 (Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute 
...)
@@ -1049,7 +1049,7 @@
        NOTE: https://github.com/VirusTotal/yara/issues/674
        NOTE: 
https://github.com/VirusTotal/yara/commit/925bcf3c3b0a28b5b78e25d9efda5c0bf27ae699
 CVE-2016-10395 (In FlexNet Publisher versions before Luton SP1 (11.14.1.1) 
running ...)
-       TODO: check
+       NOT-FOR-US: FlexNet Publisher
 CVE-2016-10394
        RESERVED
 CVE-2016-10393
@@ -3337,7 +3337,7 @@
 CVE-2017-8488 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, 
Windows 7 ...)
        NOT-FOR-US: Microsoft
 CVE-2017-8487 (Windows OLE in Windows XP and Windows Server 2003 allows an 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2017-8486
        RESERVED
 CVE-2017-8485 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, 
Windows 7 ...)
@@ -3389,7 +3389,7 @@
 CVE-2017-8462 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, 
Windows 7 ...)
        NOT-FOR-US: Microsoft
 CVE-2017-8461 (Windows RPC with Routing and Remote Access enabled in Windows 
XP and ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2017-8460 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, 
Windows ...)
        NOT-FOR-US: Microsoft
 CVE-2017-8459 (** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue 
in which ...)
@@ -5115,7 +5115,7 @@
 CVE-2017-7877 (CSRF vulnerability in flatCore version 1.4.6 allows remote 
attackers to ...)
        NOT-FOR-US: flatCore
 CVE-2017-7876 (QNAP QTS before 4.2.6 build 20170517 allows command injection. 
...)
-       TODO: check
+       NOT-FOR-US: QNAP QTS
 CVE-2017-7875 (In wallpaper.c in feh before v2.18.3, if a malicious client 
pretends to ...)
        {DLA-899-1}
        - feh 2.18-2 (low; bug #860367)
@@ -5875,7 +5875,7 @@
 CVE-2017-7630
        RESERVED
 CVE-2017-7629 (QNAP QTS before 4.2.6 build 20170517 has a flaw in the change 
password ...)
-       TODO: check
+       NOT-FOR-US: QNAP QTS
 CVE-2017-7628 (The "Smart related articles" extension 1.1 for 
Joomla! has SQL ...)
        NOT-FOR-US: Joomla extension
 CVE-2017-7627 (The "Smart related articles" extension 1.1 for 
Joomla! does not prevent ...)
@@ -13592,7 +13592,7 @@
 CVE-2017-5245
        RESERVED
 CVE-2017-5244 (Routes used to stop running Metasploit tasks (either particular 
ones ...)
-       TODO: check
+       NOT-FOR-US: Metasploit
 CVE-2017-5243 (The default SSH configuration in Rapid7 Nexpose hardware 
appliances ...)
        NOT-FOR-US: Rapid7 Nexpose hardware appliances
 CVE-2017-5242
@@ -23465,7 +23465,7 @@
 CVE-2017-1380
        RESERVED
 CVE-2017-1379 (IBM API Connect 5.0.0.0 could allow a remote attacker to obtain 
...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2017-1378
        RESERVED
 CVE-2017-1377
@@ -23829,7 +23829,7 @@
 CVE-2017-1198
        RESERVED
 CVE-2017-1197 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate 
account ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2017-1196 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not 
require ...)
        NOT-FOR-US: IBM
 CVE-2017-1195
@@ -60497,7 +60497,7 @@
 CVE-2015-7733
        RESERVED
 CVE-2015-7732 (The Avira Mobile Security app before 1.5.11 for iOS sends 
sensitive ...)
-       TODO: check
+       NOT-FOR-US: Avira Mobile Security app
 CVE-2015-7731
        RESERVED
 CVE-2015-7730 (SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, 
and ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to