[Secure-testing-commits] r53394 - data/CVE

Moritz Muehlenhoff Tue, 11 Jul 2017 14:19:00 -0700

Author: jmm
Date: 2017-07-11 21:18:44 +0000 (Tue, 11 Jul 2017)
New Revision: 53394


Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-07-11 21:14:17 UTC (rev 53393)
+++ data/CVE/list       2017-07-11 21:18:44 UTC (rev 53394)
@@ -1503,7 +1503,7 @@
 CVE-2017-10601
        RESERVED
 CVE-2017-10600 (ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, 
creates ...)
-       TODO: check
+       NOT-FOR-US: ubuntu-image
 CVE-2017-9996 (The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 
2.8.x ...)
        - ffmpeg 7:3.2.5-1
        - libav <undetermined>
@@ -9391,15 +9391,15 @@
 CVE-2017-7731 (A weak password recovery vulnerability in Fortinet FortiPortal 
...)
        NOT-FOR-US: Fortinet FortiPortal
 CVE-2017-7730 (iSmartAlarm cube devices allow Denial of Service. Sending a SYN 
flood ...)
-       TODO: check
+       NOT-FOR-US: iSmartAlarm
 CVE-2017-7729 (On iSmartAlarm cube devices, there is Incorrect Access Control 
because ...)
-       TODO: check
+       NOT-FOR-US: iSmartAlarm
 CVE-2017-7728 (On iSmartAlarm cube devices, there is authentication bypass 
leading to ...)
-       TODO: check
+       NOT-FOR-US: iSmartAlarm
 CVE-2017-7727
        REJECTED
 CVE-2017-7726 (iSmartAlarm cube devices have an SSL Certificate Validation ...)
-       TODO: check
+       NOT-FOR-US: iSmartAlarm
 CVE-2017-7725 (concrete5 8.1.0 places incorrect trust in the HTTP Host header 
during ...)
        NOT-FOR-US: concrete5
 CVE-2017-7724
@@ -11439,7 +11439,7 @@
 CVE-2017-7176
        RESERVED
 CVE-2017-7175 (NfSen before 1.3.8 allows remote attackers to execute arbitrary 
OS ...)
-       TODO: check
+       NOT-FOR-US: NfSen
 CVE-2017-7174 (The user-account creation feature in Chef Manage 2.1.0 through 
2.4.4 ...)
        NOT-FOR-US: Chef Manage
 CVE-2017-7173
@@ -25639,11 +25639,11 @@
 CVE-2017-2246
        RESERVED
 CVE-2017-2245 (Directory traversal vulnerability in Shortcodes Ultimate prior 
to ...)
-       TODO: check
+       NOT-FOR-US: Shortcodes Ultimate
 CVE-2017-2244 (Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN 
...)
        NOT-FOR-US: MFC-J960DWN firmware
 CVE-2017-2243 (Cross-site scripting vulnerability in Responsive Lightbox prior 
to ...)
-       TODO: check
+       NOT-FOR-US: Responsive Lightbox
 CVE-2017-2242
        RESERVED
 CVE-2017-2241
@@ -25651,7 +25651,7 @@
 CVE-2017-2240
        RESERVED
 CVE-2017-2239 (Marp versions v0.0.10 and earlier may allow an attacker to 
access ...)
-       TODO: check
+       NOT-FOR-US: Marp
 CVE-2017-2238 (Cross-site request forgery (CSRF) vulnerability in Toshiba Home 
...)
        NOT-FOR-US: Toshiba Home gateway HEM-GW16A
 CVE-2017-2237 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and 
...)
@@ -25835,13 +25835,13 @@
 CVE-2017-2148 (Cross-site scripting vulnerability in WN-AC1167GR firmware 
version ...)
        NOT-FOR-US: WN-AC1167GR firmware
 CVE-2017-2147 (Cross-site scripting vulnerability in WP Statistics version 
12.0.4 and ...)
-       NOT-FOR-US: WP Statistics
+       NOT-FOR-US: WP Statistics
 CVE-2017-2146 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 
4.2.4 ...)
-       TODO: check
+       NOT-FOR-US: Cybozu Garoon
 CVE-2017-2145 (Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 
allows ...)
-       TODO: check
+       NOT-FOR-US: Cybozu Garoon
 CVE-2017-2144 (Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock 
another ...)
-       TODO: check
+       NOT-FOR-US: Cybozu Garoon
 CVE-2017-2143 (CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart 
Multivendor ...)
        NOT-FOR-US: CS-Cart
 CVE-2017-2142 (Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier 
allows ...)
@@ -27333,7 +27333,7 @@
 CVE-2017-1399
        RESERVED
 CVE-2017-1398 (IBM WebSphere Commerce Enterprise, Professional, Express, and 
...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2017-1397
        RESERVED
 CVE-2017-1396
@@ -27455,7 +27455,7 @@
 CVE-2017-1338
        RESERVED
 CVE-2017-1337 (IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can 
incorrectly ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2017-1336
        RESERVED
 CVE-2017-1335
@@ -27561,7 +27561,7 @@
 CVE-2017-1285
        RESERVED
 CVE-2017-1284 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with 
ability ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2017-1283
        RESERVED
 CVE-2017-1282 (IBM Content Navigator &amp; CMIS 2.0 and 3.0 is vulnerable to 
cross-site ...)
@@ -28929,23 +28929,23 @@
 CVE-2017-0673 (A remote code execution vulnerability in the Android media 
framework. ...)
        NOT-FOR-US: Android media framework
 CVE-2017-0672 (A denial of service vulnerability in the Android libraries. 
Product: ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0671 (A remote code execution vulnerability in the Android libraries. 
...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0670 (A denial of service vulnerability in the Android framework. 
Product: ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0669 (A information disclosure vulnerability in the Android 
framework. ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0668 (A information disclosure vulnerability in the Android 
framework. ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0667 (A elevation of privilege vulnerability in the Android 
framework. ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0666 (A elevation of privilege vulnerability in the Android 
framework. ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0665 (A elevation of privilege vulnerability in the Android 
framework. ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0664 (A elevation of privilege vulnerability in the Android 
framework. ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2017-0663 (A remote code execution vulnerability in libxml2 could enable 
an ...)
        - libxml2 <undetermined>
        NOTE: 
https://android.googlesource.com/platform/external/libxml2/+/521b88fbb6d18312923f0df653d045384b500ffc
@@ -29931,7 +29931,7 @@
 CVE-2017-0341 (All versions of the NVIDIA Windows GPU Display Driver contain a 
...)
        NOT-FOR-US: NVIDIA Windows drivers
 CVE-2017-0340 (An elevation of privilege vulnerability in the NVIDIA 
Libnvparser ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA driver for Android
 CVE-2017-0339 (An elevation of privilege vulnerability in the NVIDIA crypto 
driver ...)
        NOT-FOR-US: NVIDIA driver for Android
 CVE-2017-0338 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
@@ -29959,7 +29959,7 @@
 CVE-2017-0327 (An elevation of privilege vulnerability in the NVIDIA crypto 
driver ...)
        NOT-FOR-US: NVIDIA driver for Android
 CVE-2017-0326 (An information disclosure vulnerability in the NVIDIA Video 
Driver due ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA driver for Android
 CVE-2017-0325 (An elevation of privilege vulnerability in the NVIDIA I2C HID 
driver ...)
        NOT-FOR-US: NVIDIA driver for Android
 CVE-2017-0324 (All versions of NVIDIA Windows GPU Display Driver contain a ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r53394 - data/CVE

Reply via email to