[Secure-testing-commits] r57704 - data/CVE

Fri, 17 Nov 2017 01:26:27 -0800 

Author: jmm
Date: 2017-11-17 09:26:09 +0000 (Fri, 17 Nov 2017)
New Revision: 57704

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-17 09:24:07 UTC (rev 57703)
+++ data/CVE/list       2017-11-17 09:26:09 UTC (rev 57704)
@@ -58,9 +58,9 @@
 CVE-2017-1000219 (npm/KyleRoss windows-cpu all versions vulnerable to command 
injection ...)
        NOT-FOR-US: npm/KyleRoss windows-cpu
 CVE-2017-1000218 (LightFTP version 1.1 is vulnerable to a buffer overflow in 
the ...)
-       TODO: check
+       NOT-FOR-US: LightFTP
 CVE-2017-1000213 (WBCE v1.1.11 is vulnerable to reflected XSS via the 
"begriff" POST ...)
-       TODO: check
+       NOT-FOR-US: WBCE
 CVE-2017-1000210 (picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack 
buffer ...)
        NOT-FOR-US: picoTCP
 CVE-2017-1000209 (The Java WebSocket client nv-websocket-client does not 
verify that the ...)
@@ -284,7 +284,7 @@
 CVE-2018-0001
        RESERVED
 CVE-2017-16866 (dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site 
Scripting (XSS) ...)
-       TODO: check
+       NOT-FOR-US: dayrui FineCms
 CVE-2017-16865
        RESERVED
 CVE-2017-16864
@@ -329,7 +329,7 @@
 CVE-2017-16844 (Heap-based buffer overflow in the loadbuf function in 
formisc.c in ...)
        - procmail <unfixed> (bug #876511)
 CVE-2017-16843 (Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via 
the ...)
-       TODO: check
+       NOT-FOR-US: Vonage VDV-23
 CVE-2017-16842 (Cross-site scripting (XSS) vulnerability in ...)
        NOT-FOR-US: Yoast SEO plugin for WordPress
 CVE-2017-16841 (LanSweeper 6.0.100.75 has XSS via the description parameter to 
...)
@@ -524,7 +524,7 @@
 CVE-2017-16778
        RESERVED
 CVE-2017-16777 (If HashiCorp Vagrant VMware Fusion plugin (aka 
vagrant-vmware-fusion) ...)
-       TODO: check
+       NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
 CVE-2017-16776
        RESERVED
 CVE-2017-16775
@@ -640,7 +640,7 @@
 CVE-2017-16720
        RESERVED
 CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version 
2.2, NPort ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-16718
        RESERVED
 CVE-2017-16717
@@ -648,7 +648,7 @@
 CVE-2017-16716
        RESERVED
 CVE-2017-16715 (An Information Exposure issue was discovered in Moxa NPort 
5110 Version ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-16714
        RESERVED
 CVE-2017-16713
@@ -3158,7 +3158,7 @@
 CVE-2017-15807
        RESERVED
 CVE-2017-15806 (The send function in the ezcMailMtaTransport class in Zeta 
Components ...)
-       TODO: check
+       NOT-FOR-US: Zeta Components Mail
 CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full 
function in ...)
        - python-werkzeug 0.11.11+dfsg1-1
        NOTE: 
http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/
@@ -3771,9 +3771,9 @@
 CVE-2017-15518
        RESERVED
 CVE-2017-15517 (AltaVault OST Plug-in versions prior to 1.2.2 may allow 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: AltaVault OST Plug-in
 CVE-2017-15516 (NetApp SnapCenter Server versions 1.1 through 2.x are 
susceptible to a ...)
-       TODO: check
+       NOT-FOR-US: NetApp
 CVE-2017-15515
        RESERVED
 CVE-2017-15514


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to