Author: carnil
Date: 2017-08-19 09:40:32 +0000 (Sat, 19 Aug 2017)
New Revision: 54882
Modified:
data/CVE/list
Log:
Process several NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-19 09:25:36 UTC (rev 54881)
+++ data/CVE/list 2017-08-19 09:40:32 UTC (rev 54882)
@@ -45,9 +45,9 @@
CVE-2017-12948 (Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0
and earlier ...)
TODO: check
CVE-2017-12947 (classes\controller\admin\modals.php in the Easy Modal plugin
before ...)
- TODO: check
+ NOT-FOR-US: Easy Modal plugin for WordPress
CVE-2017-12946 (classes\controller\admin\modals.php in the Easy Modal plugin
before ...)
- TODO: check
+ NOT-FOR-US: Easy Modal plugin for WordPress
CVE-2017-12945
RESERVED
CVE-2017-12944 (The TIFFReadDirEntryArray function in tif_read.c in LibTIFF
4.0.8 ...)
@@ -56,9 +56,9 @@
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2725
NOTE: Fixed by:
https://github.com/vadz/libtiff/commit/dc02f9050311a90b3c0655147cee09bfa7081cfc
CVE-2017-12943 (D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote
attackers ...)
- TODO: check
+ NOT-FOR-US: D-Link DIR-600 Rev Bx devices
CVE-2017-12939 (A Remote Code Execution vulnerability was identified in all
Windows ...)
- TODO: check
+ NOT-FOR-US: Unity Editor
CVE-2017-12942 (libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the
...)
- unrar-nonfree <unfixed>
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
@@ -775,7 +775,7 @@
CVE-2017-12860
RESERVED
CVE-2017-12859 (NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in
NFS ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2017-12858
RESERVED
CVE-2017-12857
@@ -1037,7 +1037,7 @@
CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via
some ...)
NOT-FOR-US: NexusPHP
CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5
allows ...)
- TODO: check
+ NOT-FOR-US: NexusPHP
CVE-2017-12775
RESERVED
CVE-2017-12774 (finecms in 1.9.5\controllers\member\ContentController.php
allows ...)
@@ -1245,7 +1245,7 @@
CVE-2017-12681
RESERVED
CVE-2017-12680 (Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type
...)
- TODO: check
+ NOT-FOR-US: NexusPHP
CVE-2017-12679
RESERVED
CVE-2017-12678 (In TagLib 1.11.1, the rebuildAggregateFrames function in ...)
@@ -1456,15 +1456,15 @@
CVE-2017-12594
RESERVED
CVE-2017-12593 (ASUS DSL-N10S V2.1.16_APAC devices allow CSRF. ...)
- TODO: check
+ NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
CVE-2017-12592 (ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation
...)
- TODO: check
+ NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
CVE-2017-12591 (ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored
cross ...)
- TODO: check
+ NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
CVE-2017-12590
RESERVED
CVE-2017-12589 (ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any
...)
- TODO: check
+ NOT-FOR-US: ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices
CVE-2017-12588 (The zmq3 input and output modules in rsyslog before 8.28.0
interpreted ...)
- rsyslog 8.28.0-1 (unimportant)
NOTE:
https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b
@@ -1487,7 +1487,7 @@
[wheezy] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2061
CVE-2017-12582 (Unprivileged user can access all functions in the Surveillance
Station ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2017-12581 (GitHub Electron before 1.6.8 allows remote command execution
because of ...)
NOT-FOR-US: Electron
CVE-2017-12580
@@ -1916,7 +1916,7 @@
CVE-2017-12421
RESERVED
CVE-2017-12420 (Heap-based buffer overflow in the SMB implementation in NetApp
...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2017-12419 (If, after successful installation of MantisBT through 2.5.2 on
...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy)
@@ -3689,9 +3689,9 @@
[wheezy] - sipcrack <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1
CVE-2017-11653 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions
for the ...)
- TODO: check
+ NOT-FOR-US: Razer Synapse
CVE-2017-11652 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions
for the ...)
- TODO: check
+ NOT-FOR-US: Razer Synapse
CVE-2017-11651 (NexusPHP V1.5 has XSS via a javascript: or data: URL in a
UBBCode url ...)
NOT-FOR-US: NexusPHP
CVE-2017-11650
@@ -5109,7 +5109,7 @@
CVE-2017-11161
RESERVED
CVE-2017-11160 (Multiple untrusted search path vulnerabilities in installer in
...)
- TODO: check
+ NOT-FOR-US: Installer in Synology Assistant
CVE-2017-11159
RESERVED
CVE-2017-11158
@@ -6195,11 +6195,11 @@
CVE-2017-10824 (Untrusted search path vulnerability in TDB CA TypeA use
software ...)
TODO: check
CVE-2017-10823 (Untrusted search path vulnerability in Installer for Shin
Kinkyuji ...)
- TODO: check
+ NOT-FOR-US: Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program
CVE-2017-10822 (Untrusted search path vulnerability in Installer for Shin
Sekiyu Yunyu ...)
- TODO: check
+ NOT-FOR-US: Installer for Shin Sekiyu Yunyu Chousa Houkoku Data
Nyuryoku Program
CVE-2017-10821 (Untrusted search path vulnerability in Installer for Shin
Kikan Toukei ...)
- TODO: check
+ NOT-FOR-US: Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou
Program
CVE-2017-10820 (Untrusted search path vulnerability in Installer of IP
Messenger for ...)
NOT-FOR-US: Installer of IP Messenger for Win
CVE-2017-10819 (MaLion for Mac 4.3.0 to 5.2.1 does not properly validate
certificates, ...)
@@ -6219,7 +6219,7 @@
CVE-2017-10812
RESERVED
CVE-2017-10811 (Buffalo WCR-1166DS devices with firmware 1.30 and earlier
allow an ...)
- TODO: check
+ NOT-FOR-US: Buffalo WCR-1166DS devices
CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in ...)
{DSA-3927-1}
- linux 4.11.11-1 (low)
@@ -6599,7 +6599,7 @@
CVE-2017-10666
RESERVED
CVE-2017-10665 (Directory traversal vulnerability in ajaxfileupload.php in
Kayson ...)
- TODO: check
+ NOT-FOR-US: Kayson Group Ltd. phpGrid
CVE-2017-9998 (The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in
libdwarf ...)
- dwarfutils 20170416-3 (bug #866968)
[stretch] - dwarfutils 20161124-1+deb9u1
@@ -7243,7 +7243,7 @@
CVE-2017-9817
RESERVED
CVE-2017-9816 (Cross-site scripting (XSS) vulnerability in Paessler PRTG
Network ...)
- TODO: check
+ NOT-FOR-US: Paessler PRTG Network Monitor
CVE-2017-9815 (In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in
...)
- tiff 4.0.8-1
[jessie] - tiff <no-dsa> (Minor issue)
@@ -8724,7 +8724,7 @@
CVE-2017-9768
RESERVED
CVE-2017-9767 (Multiple cross-site scripting (XSS) vulnerabilities in Quali
...)
- TODO: check
+ NOT-FOR-US: Quali CloudShell
CVE-2017-9766 (In Wireshark 2.2.7, PROFINET IO data with a high recursion
depth allows ...)
- wireshark 2.4.0-1 (bug #870175)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13811
@@ -9123,7 +9123,7 @@
CVE-2017-9686
RESERVED
CVE-2017-9685 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-9684 (In all Qualcomm products with Android releases from CAF using
the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-9683
@@ -10207,31 +10207,31 @@
CVE-2016-10393
RESERVED
CVE-2016-10392 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10391 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10390 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10389 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10388 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10387 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10386 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10385 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10384 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10383 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10382 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10381 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10380 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9095
RESERVED
CVE-2015-9094
@@ -10277,33 +10277,33 @@
CVE-2015-9074
RESERVED
CVE-2015-9073 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9072 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9071 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9070 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9069 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9068 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9067 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9066 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9065 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9064 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9063 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9062 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9061 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9060 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9984 (nscd in the GNU C Library (aka glibc or libc6) before version
2.20 does ...)
- glibc 2.19-14
- eglibc <removed>
@@ -10312,27 +10312,27 @@
CVE-2014-9982
RESERVED
CVE-2014-9981 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9980 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9979 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9978 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9977 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9976 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9975 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9974 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9973 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9972 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9971 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-1000380 (sound/core/timer.c in the Linux kernel before 4.11.5 is
vulnerable to a ...)
- linux 4.11.6-1
NOTE: Fixed by:
https://git.kernel.org/linus/d11662f4f798b50d8c8743f433842c3e40fe3378
(v4.12-rc5)
@@ -13282,45 +13282,45 @@
CVE-2017-8273 (In all Qualcomm products with Android release from CAF using
the Linux ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8272 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8271 (Out of bound memory write can happen in the MDSS Rotator driver
in all ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8270 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8269 (Userspace-controlled non null terminated parameter for IPA WAN
ioctl ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8268 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8267 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8266 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8265 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8264 (A userspace process can cause a Denial of Service in the camera
driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8263 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8262 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8261 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8260 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8259 (In the service locator in all Qualcomm products with Android
releases ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8258 (An array out-of-bounds access in all Qualcomm products with
Android ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8257 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8256 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8255 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8254 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8253 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8252
RESERVED
CVE-2017-8251
@@ -14094,11 +14094,11 @@
CVE-2017-7947 (NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and
9.1 ...)
NOT-FOR-US: NetApp
CVE-2016-10347 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10346 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9055 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2013-7463 (The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV
for use ...)
NOT-FOR-US: aescrypt gem for Ruby
CVE-2017-7946 (The get_relocs_64 function in libr/bin/format/mach0/mach0.c in
radare2 ...)
@@ -14224,9 +14224,9 @@
NOTE:
https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441
NOTE: Source present, but passenger-install-nginx-module not installed
CVE-2016-10344 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10343 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10342 (In all Android releases from CAF using the Linux kernel, a
buffer ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2016-10341 (In all Android releases from CAF using the Linux kernel, 3rd
party ...)
@@ -14256,47 +14256,47 @@
CVE-2016-10329 (Command injection vulnerability in login.php in Synology Photo
Station ...)
NOT-FOR-US: Synology Photo Station
CVE-2015-9054 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9053 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9052 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9051 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9050 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9049 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9048 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9047 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9046 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9045 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9044 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9043 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9042 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9041 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9040 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9039 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9038 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9037 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9036 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9035 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9034 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-9033 (In all Android releases from CAF using the Linux kernel, a QTEE
system ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2015-9032 (In all Android releases from CAF using the Linux kernel, a DRM
key was ...)
@@ -14326,9 +14326,9 @@
CVE-2015-9020 (In all Android releases from CAF using the Linux kernel, an
untrusted ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2014-9969 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9968 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9967 (In all Android releases from CAF using the Linux kernel, an
untrusted ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2014-9966 (In all Android releases from CAF using the Linux kernel, a ...)
@@ -16342,7 +16342,7 @@
CVE-2017-7365 (In all Android releases from CAF using the Linux kernel, a
buffer ...)
NOT-FOR-US: Android
CVE-2017-7364 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2017-7363 (Pixie 1.0.4 allows an admin/index.php
s=publish&m=module&x= XSS ...)
NOT-FOR-US: Pixie CMS
CVE-2017-7362 (Pixie 1.0.4 allows an admin/index.php
s=publish&m=dynamic&x= XSS ...)
@@ -16709,7 +16709,7 @@
CVE-2017-7279 (An unprivileged user of the Unitrends Enterprise Backup before
9.0.0 ...)
NOT-FOR-US: Unitrends Enterprise Backup
CVE-2017-7278 (Unspecified vulnerability in ASSA ABLOY APTUS Styra
Porttelefonkort ...)
- TODO: check
+ NOT-FOR-US: ASSA ABLOY APTUS Styra Porttelefonkort 4400
CVE-2017-7277 (The TCP stack in the Linux kernel through 4.10.6 mishandles the
...)
- linux <not-affected> (Vulnerable code introduced in 4.10-rc1)
CVE-2017-7276 (There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x
before ...)
@@ -26978,7 +26978,7 @@
CVE-2017-3757
RESERVED
CVE-2017-3756 (A privilege escalation vulnerability was identified in Lenovo
Active ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2017-3755
RESERVED
CVE-2017-3754 (Some Lenovo brand notebook systems do not have write
protections ...)
@@ -31516,7 +31516,7 @@
CVE-2017-2290 (On Windows installations of the mcollective-puppet-agent
plugin, ...)
NOT-FOR-US: mcollective-puppet-agent plugin on Windows
CVE-2017-2289 (Untrusted search path vulnerability in Installer of Qua station
...)
- TODO: check
+ NOT-FOR-US: Installer of Qua station connection tool for Windows
CVE-2017-2288 (Untrusted search path vulnerability in LhaForge Ver.1.6.5 and
earlier ...)
NOT-FOR-US: LhaForge
CVE-2017-2287 (Untrusted search path vulnerability in NFC Port Software
remover ...)
@@ -31638,7 +31638,7 @@
CVE-2017-2229 (Untrusted search path vulnerability in Douroshisetu Kihon Data
Sakusei ...)
NOT-FOR-US: Douroshisetu Kihon Data Sakusei System
CVE-2017-2228 (Untrusted search path vulnerability in Teikihoukokusho
Sakuseishien ...)
- TODO: check
+ NOT-FOR-US: Teikihoukokusho Sakuseishien Tool
CVE-2017-2227 (Untrusted search path vulnerability in The installer of
Charamin OMP ...)
NOT-FOR-US: installer of Charamin OMP
CVE-2017-2226 (Untrusted search path vulnerability in Setup file of advance
...)
@@ -33092,7 +33092,7 @@
CVE-2017-1502
RESERVED
CVE-2017-1501 (IBM WebSphere Application Server 8.0, 8.5, and 9.0 could
provide ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1500 (A Reflected Cross Site Scripting (XSS) vulnerability exists in
the ...)
NOT-FOR-US: IBM
CVE-2017-1499
@@ -33418,7 +33418,7 @@
CVE-2017-1339
RESERVED
CVE-2017-1338 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1337 (IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can
incorrectly ...)
NOT-FOR-US: IBM
CVE-2017-1336
@@ -48520,9 +48520,9 @@
CVE-2016-5874 (Siemens SIMATIC NET PC-Software before 13 SP2 allows remote
attackers ...)
NOT-FOR-US: Siemens
CVE-2016-5872 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5871 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5870 (The msm_ipc_router_close function in
net/ipc_router/ipc_router_socket.c ...)
- linux <not-affected> (Qualcomm-specific kernel patch)
CVE-2016-5869
@@ -65404,15 +65404,15 @@
CVE-2015-8597 (Open redirect vulnerability in Blue Coat ProxySG 6.5 before
6.5.8.8 ...)
NOT-FOR-US: Blue Coat
CVE-2015-8596 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-8595 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-8594 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-8593 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-8592 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-8612 (The EnableNetwork method in the Network class in ...)
{DSA-3427-1}
- blueman 2.0.3-1
@@ -80555,7 +80555,7 @@
CVE-2015-4072
RESERVED
CVE-2015-4071 (The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote
...)
- TODO: check
+ NOT-FOR-US: Helpdesk Pro Plugin for Joomla!
CVE-2015-4070 (Open redirect vulnerability in the proxyimages function in ...)
NOT-FOR-US: Wow Moodboard Lite
CVE-2015-4069 (The EdgeServiceImpl web service in Arcserve UDP before 5.0
Update 4 ...)
@@ -87211,7 +87211,7 @@
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
CVE-2015-1878 (Thales nShield Connect hardware models 500, 1500, 6000, 500+,
1500+, ...)
- TODO: check
+ NOT-FOR-US: nShield Connect hardware models
CVE-2015-1876
RESERVED
CVE-2015-1875 (SQL injection vulnerability in
a2billing/customer/iridium_threed.php ...)
@@ -91745,11 +91745,11 @@
CVE-2015-0577 (Multiple cross-site scripting (XSS) vulnerabilities in the
IronPort ...)
NOT-FOR-US: Cisco AsyncOS
CVE-2015-0576 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-0575 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-0574 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2015-0573 (drivers/media/platform/msm/broadcast/tsc.c in the TSC driver
for the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2015-0572 (Multiple race conditions in drivers/char/adsprpc.c and ...)
@@ -92997,7 +92997,7 @@
CVE-2014-9412 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ
Access ...)
NOT-FOR-US: NetIQ Access Manager
CVE-2014-9411 (In all Qualcomm products with Android releases from CAF using
the ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9410 (The vfe31_proc_general function in ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9409
@@ -104679,7 +104679,7 @@
CVE-2014-5145
RESERVED
CVE-2014-5144 (Cross-site scripting (XSS) vulnerability in Telescope before
0.9.3 ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2014-5143
RESERVED
CVE-2014-5142
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
