[Secure-testing-commits] r54213 - data/CVE

Moritz Muehlenhoff Wed, 02 Aug 2017 14:21:26 -0700

Author: jmm
Date: 2017-08-02 21:21:05 +0000 (Wed, 02 Aug 2017)
New Revision: 54213


Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-02 21:10:13 UTC (rev 54212)
+++ data/CVE/list       2017-08-02 21:21:05 UTC (rev 54213)
@@ -158,7 +158,7 @@
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e14a27723cc3a154d67f3f26e719d08c0ba9ad25
        NOTE: https://arxiv.org/pdf/1205.4011.pdf
 CVE-2017-12131 (The Easy Testimonials plugin 3.0.4 for WordPress has XSS in 
...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2017-12130
        RESERVED
 CVE-2017-12129
@@ -284,7 +284,7 @@
 CVE-2017-12069
        RESERVED
 CVE-2017-12068 (The Event List plugin 0.7.9 for WordPress has XSS in the slug 
array ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2017-12067 (Potrace 1.14 has a heap-based buffer over-read in the 
interpolate_cubic ...)
        - potrace <unfixed> (unimportant; bug #870356)
        NOTE: 
https://github.com/hackerlib/hackerlib-vul/tree/master/potrace/heap-buffer-overflow-mkbitmap
@@ -1761,7 +1761,7 @@
 CVE-2017-11495 (PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow ...)
        NOT-FOR-US: PHICOMM
 CVE-2017-11494 (SQL injection vulnerability in SOL.Connect ISET-mpp meter 
1.2.4.2 and ...)
-       TODO: check
+       NOT-FOR-US: SOL.Connect ISET-mpp meter
 CVE-2017-11493
        RESERVED
 CVE-2017-11492
@@ -2093,7 +2093,7 @@
 CVE-2017-11365
        RESERVED
 CVE-2017-11364 (The CMS installer in Joomla! before 3.7.4 does not verify a 
user's ...)
-       TODO: check
+       NOT-FOR-US: Joomla
 CVE-2017-11363
        RESERVED
 CVE-2017-11362 (In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ...)
@@ -2125,9 +2125,9 @@
 CVE-2017-11357
        RESERVED
 CVE-2017-11356 (The application distribution export functionality in PEGA 
Platform 7.2 ...)
-       TODO: check
+       NOT-FOR-US: PEGA Platform
 CVE-2017-11355 (Multiple cross-site scripting (XSS) vulnerabilities in PEGA 
Platform ...)
-       TODO: check
+       NOT-FOR-US: PEGA Platform
 CVE-2017-11354 (Fiyo CMS v2.0.7 has an SQL injection vulnerability in ...)
        NOT-FOR-US: Fiyo CMS
 CVE-2017-11351
@@ -2897,21 +2897,21 @@
 CVE-2017-11137
        RESERVED
 CVE-2017-11136 (An issue was discovered in heinekingmedia StashCat through 
1.7.5 for ...)
-       TODO: check
+       NOT-FOR-US: heinekingmedia StashCat
 CVE-2017-11135 (An issue was discovered in heinekingmedia StashCat through 
1.7.5 for ...)
-       TODO: check
+       NOT-FOR-US: heinekingmedia StashCat
 CVE-2017-11134 (An issue was discovered in heinekingmedia StashCat through 
1.7.5 for ...)
-       TODO: check
+       NOT-FOR-US: heinekingmedia StashCat
 CVE-2017-11133 (An issue was discovered in heinekingmedia StashCat through 
1.7.5 for ...)
-       TODO: check
+       NOT-FOR-US: heinekingmedia StashCat
 CVE-2017-11132 (An issue was discovered in heinekingmedia StashCat before 
1.5.18 for ...)
-       TODO: check
+       NOT-FOR-US: heinekingmedia StashCat
 CVE-2017-11131 (An issue was discovered in heinekingmedia StashCat through 
1.7.5 for ...)
-       TODO: check
+       NOT-FOR-US: heinekingmedia StashCat
 CVE-2017-11130 (An issue was discovered in heinekingmedia StashCat through 
1.7.5 for ...)
-       TODO: check
+       NOT-FOR-US: heinekingmedia StashCat
 CVE-2017-11129 (An issue was discovered in heinekingmedia StashCat through 
1.7.5 for ...)
-       TODO: check
+       NOT-FOR-US: heinekingmedia StashCat
 CVE-2017-11128 (Bolt CMS 3.2.14 allows stored XSS via text input, as 
demonstrated by ...)
        NOT-FOR-US: Bolt CMS
 CVE-2017-11127 (Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document 
with a ...)
@@ -6229,9 +6229,9 @@
 CVE-2017-9771 (install\save.php in WebsiteBaker v2.10.0 allows remote 
attackers to ...)
        NOT-FOR-US: WebsiteBaker
 CVE-2017-9770 (A specially crafted IOCTL can be issued to the rzpnk.sys driver 
in ...)
-       TODO: check
+       NOT-FOR-US: Razer Synapse
 CVE-2017-9769 (A specially crafted IOCTL can be issued to the rzpnk.sys driver 
in ...)
-       TODO: check
+       NOT-FOR-US: Razer Synapse
 CVE-2017-9768
        RESERVED
 CVE-2017-9767
@@ -8007,7 +8007,7 @@
 CVE-2017-9245 (The Google News and Weather application before 3.3.1 for 
Android allows ...)
        NOT-FOR-US: Google News and Weather application for Android
 CVE-2017-9244 (Cross-site scripting (XSS) vulnerability in the Trello app 
before ...)
-       TODO: check
+       NOT-FOR-US: Trello
 CVE-2017-9243 (Aries QWR-1104 Wireless-N Router with Firmware Version 
WRC.253.2.0913 ...)
        NOT-FOR-US: Aries QWR-1104 Wireless-N Router
 CVE-2015-9059 (picocom before 2.0 has a command injection vulnerability in the 
'send ...)
@@ -24331,7 +24331,7 @@
 CVE-2016-9982 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow an 
...)
        NOT-FOR-US: IBM
 CVE-2016-9981 (IBM AppScan Enterprise Edition 9.0 contains an unspecified ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2016-9980 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is 
vulnerable to ...)
        NOT-FOR-US: IBM
 CVE-2016-9979 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is 
vulnerable to ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r54213 - data/CVE

Reply via email to