Author: carnil Date: 2017-08-19 09:40:32 +0000 (Sat, 19 Aug 2017) New Revision: 54882
Modified: data/CVE/list Log: Process several NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-19 09:25:36 UTC (rev 54881) +++ data/CVE/list 2017-08-19 09:40:32 UTC (rev 54882) @@ -45,9 +45,9 @@ CVE-2017-12948 (Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier ...) TODO: check CVE-2017-12947 (classes\controller\admin\modals.php in the Easy Modal plugin before ...) - TODO: check + NOT-FOR-US: Easy Modal plugin for WordPress CVE-2017-12946 (classes\controller\admin\modals.php in the Easy Modal plugin before ...) - TODO: check + NOT-FOR-US: Easy Modal plugin for WordPress CVE-2017-12945 RESERVED CVE-2017-12944 (The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 ...) @@ -56,9 +56,9 @@ NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2725 NOTE: Fixed by: https://github.com/vadz/libtiff/commit/dc02f9050311a90b3c0655147cee09bfa7081cfc CVE-2017-12943 (D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers ...) - TODO: check + NOT-FOR-US: D-Link DIR-600 Rev Bx devices CVE-2017-12939 (A Remote Code Execution vulnerability was identified in all Windows ...) - TODO: check + NOT-FOR-US: Unity Editor CVE-2017-12942 (libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the ...) - unrar-nonfree <unfixed> [stretch] - unrar-nonfree <no-dsa> (Non-free not supported) @@ -775,7 +775,7 @@ CVE-2017-12860 RESERVED CVE-2017-12859 (NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS ...) - TODO: check + NOT-FOR-US: NetApp CVE-2017-12858 RESERVED CVE-2017-12857 @@ -1037,7 +1037,7 @@ CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...) NOT-FOR-US: NexusPHP CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5 allows ...) - TODO: check + NOT-FOR-US: NexusPHP CVE-2017-12775 RESERVED CVE-2017-12774 (finecms in 1.9.5\controllers\member\ContentController.php allows ...) @@ -1245,7 +1245,7 @@ CVE-2017-12681 RESERVED CVE-2017-12680 (Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type ...) - TODO: check + NOT-FOR-US: NexusPHP CVE-2017-12679 RESERVED CVE-2017-12678 (In TagLib 1.11.1, the rebuildAggregateFrames function in ...) @@ -1456,15 +1456,15 @@ CVE-2017-12594 RESERVED CVE-2017-12593 (ASUS DSL-N10S V2.1.16_APAC devices allow CSRF. ...) - TODO: check + NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices CVE-2017-12592 (ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation ...) - TODO: check + NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices CVE-2017-12591 (ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross ...) - TODO: check + NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices CVE-2017-12590 RESERVED CVE-2017-12589 (ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any ...) - TODO: check + NOT-FOR-US: ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices CVE-2017-12588 (The zmq3 input and output modules in rsyslog before 8.28.0 interpreted ...) - rsyslog 8.28.0-1 (unimportant) NOTE: https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b @@ -1487,7 +1487,7 @@ [wheezy] - dokuwiki <not-affected> (Vulnerable code not present) NOTE: https://github.com/splitbrain/dokuwiki/issues/2061 CVE-2017-12582 (Unprivileged user can access all functions in the Surveillance Station ...) - TODO: check + NOT-FOR-US: QNAP CVE-2017-12581 (GitHub Electron before 1.6.8 allows remote command execution because of ...) NOT-FOR-US: Electron CVE-2017-12580 @@ -1916,7 +1916,7 @@ CVE-2017-12421 RESERVED CVE-2017-12420 (Heap-based buffer overflow in the SMB implementation in NetApp ...) - TODO: check + NOT-FOR-US: NetApp CVE-2017-12419 (If, after successful installation of MantisBT through 2.5.2 on ...) - mantis <removed> [wheezy] - mantis <end-of-life> (Not supported in Wheezy) @@ -3689,9 +3689,9 @@ [wheezy] - sipcrack <no-dsa> (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1 CVE-2017-11653 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the ...) - TODO: check + NOT-FOR-US: Razer Synapse CVE-2017-11652 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the ...) - TODO: check + NOT-FOR-US: Razer Synapse CVE-2017-11651 (NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url ...) NOT-FOR-US: NexusPHP CVE-2017-11650 @@ -5109,7 +5109,7 @@ CVE-2017-11161 RESERVED CVE-2017-11160 (Multiple untrusted search path vulnerabilities in installer in ...) - TODO: check + NOT-FOR-US: Installer in Synology Assistant CVE-2017-11159 RESERVED CVE-2017-11158 @@ -6195,11 +6195,11 @@ CVE-2017-10824 (Untrusted search path vulnerability in TDB CA TypeA use software ...) TODO: check CVE-2017-10823 (Untrusted search path vulnerability in Installer for Shin Kinkyuji ...) - TODO: check + NOT-FOR-US: Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program CVE-2017-10822 (Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu ...) - TODO: check + NOT-FOR-US: Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program CVE-2017-10821 (Untrusted search path vulnerability in Installer for Shin Kikan Toukei ...) - TODO: check + NOT-FOR-US: Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program CVE-2017-10820 (Untrusted search path vulnerability in Installer of IP Messenger for ...) NOT-FOR-US: Installer of IP Messenger for Win CVE-2017-10819 (MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, ...) @@ -6219,7 +6219,7 @@ CVE-2017-10812 RESERVED CVE-2017-10811 (Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an ...) - TODO: check + NOT-FOR-US: Buffalo WCR-1166DS devices CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in ...) {DSA-3927-1} - linux 4.11.11-1 (low) @@ -6599,7 +6599,7 @@ CVE-2017-10666 RESERVED CVE-2017-10665 (Directory traversal vulnerability in ajaxfileupload.php in Kayson ...) - TODO: check + NOT-FOR-US: Kayson Group Ltd. phpGrid CVE-2017-9998 (The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf ...) - dwarfutils 20170416-3 (bug #866968) [stretch] - dwarfutils 20161124-1+deb9u1 @@ -7243,7 +7243,7 @@ CVE-2017-9817 RESERVED CVE-2017-9816 (Cross-site scripting (XSS) vulnerability in Paessler PRTG Network ...) - TODO: check + NOT-FOR-US: Paessler PRTG Network Monitor CVE-2017-9815 (In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in ...) - tiff 4.0.8-1 [jessie] - tiff <no-dsa> (Minor issue) @@ -8724,7 +8724,7 @@ CVE-2017-9768 RESERVED CVE-2017-9767 (Multiple cross-site scripting (XSS) vulnerabilities in Quali ...) - TODO: check + NOT-FOR-US: Quali CloudShell CVE-2017-9766 (In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows ...) - wireshark 2.4.0-1 (bug #870175) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13811 @@ -9123,7 +9123,7 @@ CVE-2017-9686 RESERVED CVE-2017-9685 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-9684 (In all Qualcomm products with Android releases from CAF using the ...) NOT-FOR-US: Qualcomm driver for Android CVE-2017-9683 @@ -10207,31 +10207,31 @@ CVE-2016-10393 RESERVED CVE-2016-10392 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10391 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10390 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10389 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10388 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10387 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10386 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10385 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10384 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10383 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10382 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10381 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10380 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9095 RESERVED CVE-2015-9094 @@ -10277,33 +10277,33 @@ CVE-2015-9074 RESERVED CVE-2015-9073 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9072 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9071 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9070 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9069 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9068 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9067 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9066 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9065 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9064 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9063 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9062 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9061 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9060 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9984 (nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does ...) - glibc 2.19-14 - eglibc <removed> @@ -10312,27 +10312,27 @@ CVE-2014-9982 RESERVED CVE-2014-9981 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9980 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9979 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9978 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9977 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9976 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9975 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9974 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9973 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9972 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9971 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-1000380 (sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a ...) - linux 4.11.6-1 NOTE: Fixed by: https://git.kernel.org/linus/d11662f4f798b50d8c8743f433842c3e40fe3378 (v4.12-rc5) @@ -13282,45 +13282,45 @@ CVE-2017-8273 (In all Qualcomm products with Android release from CAF using the Linux ...) NOT-FOR-US: Qualcomm driver for Android CVE-2017-8272 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8271 (Out of bound memory write can happen in the MDSS Rotator driver in all ...) NOT-FOR-US: Qualcomm driver for Android CVE-2017-8270 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8269 (Userspace-controlled non null terminated parameter for IPA WAN ioctl ...) NOT-FOR-US: Qualcomm driver for Android CVE-2017-8268 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8267 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8266 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8265 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8264 (A userspace process can cause a Denial of Service in the camera driver ...) NOT-FOR-US: Qualcomm driver for Android CVE-2017-8263 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8262 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8261 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8260 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8259 (In the service locator in all Qualcomm products with Android releases ...) NOT-FOR-US: Qualcomm driver for Android CVE-2017-8258 (An array out-of-bounds access in all Qualcomm products with Android ...) NOT-FOR-US: Qualcomm driver for Android CVE-2017-8257 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8256 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8255 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8254 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8253 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-8252 RESERVED CVE-2017-8251 @@ -14094,11 +14094,11 @@ CVE-2017-7947 (NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 ...) NOT-FOR-US: NetApp CVE-2016-10347 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10346 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9055 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2013-7463 (The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use ...) NOT-FOR-US: aescrypt gem for Ruby CVE-2017-7946 (The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 ...) @@ -14224,9 +14224,9 @@ NOTE: https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441 NOTE: Source present, but passenger-install-nginx-module not installed CVE-2016-10344 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10343 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-10342 (In all Android releases from CAF using the Linux kernel, a buffer ...) NOT-FOR-US: Qualcomm component for Android CVE-2016-10341 (In all Android releases from CAF using the Linux kernel, 3rd party ...) @@ -14256,47 +14256,47 @@ CVE-2016-10329 (Command injection vulnerability in login.php in Synology Photo Station ...) NOT-FOR-US: Synology Photo Station CVE-2015-9054 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9053 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9052 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9051 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9050 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9049 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9048 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9047 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9046 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9045 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9044 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9043 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9042 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9041 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9040 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9039 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9038 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9037 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9036 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9035 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9034 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-9033 (In all Android releases from CAF using the Linux kernel, a QTEE system ...) NOT-FOR-US: Qualcomm component for Android CVE-2015-9032 (In all Android releases from CAF using the Linux kernel, a DRM key was ...) @@ -14326,9 +14326,9 @@ CVE-2015-9020 (In all Android releases from CAF using the Linux kernel, an untrusted ...) NOT-FOR-US: Qualcomm component for Android CVE-2014-9969 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9968 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9967 (In all Android releases from CAF using the Linux kernel, an untrusted ...) NOT-FOR-US: Qualcomm component for Android CVE-2014-9966 (In all Android releases from CAF using the Linux kernel, a ...) @@ -16342,7 +16342,7 @@ CVE-2017-7365 (In all Android releases from CAF using the Linux kernel, a buffer ...) NOT-FOR-US: Android CVE-2017-7364 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2017-7363 (Pixie 1.0.4 allows an admin/index.php s=publish&m=module&x= XSS ...) NOT-FOR-US: Pixie CMS CVE-2017-7362 (Pixie 1.0.4 allows an admin/index.php s=publish&m=dynamic&x= XSS ...) @@ -16709,7 +16709,7 @@ CVE-2017-7279 (An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 ...) NOT-FOR-US: Unitrends Enterprise Backup CVE-2017-7278 (Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort ...) - TODO: check + NOT-FOR-US: ASSA ABLOY APTUS Styra Porttelefonkort 4400 CVE-2017-7277 (The TCP stack in the Linux kernel through 4.10.6 mishandles the ...) - linux <not-affected> (Vulnerable code introduced in 4.10-rc1) CVE-2017-7276 (There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x before ...) @@ -26978,7 +26978,7 @@ CVE-2017-3757 RESERVED CVE-2017-3756 (A privilege escalation vulnerability was identified in Lenovo Active ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2017-3755 RESERVED CVE-2017-3754 (Some Lenovo brand notebook systems do not have write protections ...) @@ -31516,7 +31516,7 @@ CVE-2017-2290 (On Windows installations of the mcollective-puppet-agent plugin, ...) NOT-FOR-US: mcollective-puppet-agent plugin on Windows CVE-2017-2289 (Untrusted search path vulnerability in Installer of Qua station ...) - TODO: check + NOT-FOR-US: Installer of Qua station connection tool for Windows CVE-2017-2288 (Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier ...) NOT-FOR-US: LhaForge CVE-2017-2287 (Untrusted search path vulnerability in NFC Port Software remover ...) @@ -31638,7 +31638,7 @@ CVE-2017-2229 (Untrusted search path vulnerability in Douroshisetu Kihon Data Sakusei ...) NOT-FOR-US: Douroshisetu Kihon Data Sakusei System CVE-2017-2228 (Untrusted search path vulnerability in Teikihoukokusho Sakuseishien ...) - TODO: check + NOT-FOR-US: Teikihoukokusho Sakuseishien Tool CVE-2017-2227 (Untrusted search path vulnerability in The installer of Charamin OMP ...) NOT-FOR-US: installer of Charamin OMP CVE-2017-2226 (Untrusted search path vulnerability in Setup file of advance ...) @@ -33092,7 +33092,7 @@ CVE-2017-1502 RESERVED CVE-2017-1501 (IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide ...) - TODO: check + NOT-FOR-US: IBM CVE-2017-1500 (A Reflected Cross Site Scripting (XSS) vulnerability exists in the ...) NOT-FOR-US: IBM CVE-2017-1499 @@ -33418,7 +33418,7 @@ CVE-2017-1339 RESERVED CVE-2017-1338 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...) - TODO: check + NOT-FOR-US: IBM CVE-2017-1337 (IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly ...) NOT-FOR-US: IBM CVE-2017-1336 @@ -48520,9 +48520,9 @@ CVE-2016-5874 (Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers ...) NOT-FOR-US: Siemens CVE-2016-5872 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-5871 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-5870 (The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c ...) - linux <not-affected> (Qualcomm-specific kernel patch) CVE-2016-5869 @@ -65404,15 +65404,15 @@ CVE-2015-8597 (Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 ...) NOT-FOR-US: Blue Coat CVE-2015-8596 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-8595 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-8594 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-8593 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-8592 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-8612 (The EnableNetwork method in the Network class in ...) {DSA-3427-1} - blueman 2.0.3-1 @@ -80555,7 +80555,7 @@ CVE-2015-4072 RESERVED CVE-2015-4071 (The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote ...) - TODO: check + NOT-FOR-US: Helpdesk Pro Plugin for Joomla! CVE-2015-4070 (Open redirect vulnerability in the proxyimages function in ...) NOT-FOR-US: Wow Moodboard Lite CVE-2015-4069 (The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 ...) @@ -87211,7 +87211,7 @@ [squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts) NOTE: Request to mark the package as unsupported in #779104 CVE-2015-1878 (Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, ...) - TODO: check + NOT-FOR-US: nShield Connect hardware models CVE-2015-1876 RESERVED CVE-2015-1875 (SQL injection vulnerability in a2billing/customer/iridium_threed.php ...) @@ -91745,11 +91745,11 @@ CVE-2015-0577 (Multiple cross-site scripting (XSS) vulnerabilities in the IronPort ...) NOT-FOR-US: Cisco AsyncOS CVE-2015-0576 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-0575 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-0574 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2015-0573 (drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the ...) NOT-FOR-US: Qualcomm driver for Android CVE-2015-0572 (Multiple race conditions in drivers/char/adsprpc.c and ...) @@ -92997,7 +92997,7 @@ CVE-2014-9412 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access ...) NOT-FOR-US: NetIQ Access Manager CVE-2014-9411 (In all Qualcomm products with Android releases from CAF using the ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-9410 (The vfe31_proc_general function in ...) NOT-FOR-US: Qualcomm driver for Android CVE-2014-9409 @@ -104679,7 +104679,7 @@ CVE-2014-5145 RESERVED CVE-2014-5144 (Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3 ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2014-5143 RESERVED CVE-2014-5142 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits