Author: carnil
Date: 2017-11-28 20:17:56 +0000 (Tue, 28 Nov 2017)
New Revision: 58090
Modified:
data/CVE/list
Log:
Process round of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-28 19:59:39 UTC (rev 58089)
+++ data/CVE/list 2017-11-28 20:17:56 UTC (rev 58090)
@@ -520,7 +520,7 @@
CVE-2016-10702 (Pebble Smartwatch devices through 4.3 mishandle UUID storage,
which ...)
TODO: check
CVE-2016-10701 (In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF
issue exists ...)
- TODO: check
+ NOT-FOR-US: Hitachi Vantara Pentaho BA Platform
CVE-2017-1001004 (typed-function before 0.10.6 had an arbitrary code execution
in the ...)
TODO: check
CVE-2017-1001003 (math.js before 3.17.0 had an issue where private properties
such as a ...)
@@ -9056,9 +9056,9 @@
CVE-2017-14391
RESERVED
CVE-2017-14390 (In Cloud Foundry Foundation cf-deployment v0.35.0, a
misconfiguration ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry
CVE-2017-14389 (An issue was discovered in Cloud Foundry Foundation
capi-release (all ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry
CVE-2017-14388 (Cloud Foundry Foundation GrootFS release 0.3.x versions prior
to 0.30.0 ...)
NOT-FOR-US: Cloud Foundry Foundation GrootFS
CVE-2017-14387
@@ -9078,7 +9078,7 @@
CVE-2017-14380
RESERVED
CVE-2017-14379 (EMC RSA Authentication Manager before 8.2 SP1 P6 has a
cross-site ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2017-14378
RESERVED
CVE-2017-14377
@@ -27552,7 +27552,7 @@
CVE-2017-8039 (An issue was discovered in Pivotal Spring Web Flow through
2.4.5. ...)
NOT-FOR-US: Spring Web Flow
CVE-2017-8038 (In Cloud Foundry Foundation Credhub-release version 1.1.0,
access ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry Foundation Credhub-release
CVE-2017-8037 (In Cloud Foundry Foundation CAPI-release versions after v1.6.0
and ...)
NOT-FOR-US: Cloud Foundry
CVE-2017-8036 (An issue was discovered in the Cloud Controller API in Cloud
Foundry ...)
@@ -27566,7 +27566,7 @@
CVE-2017-8032 (In Cloud Foundry cf-release versions prior to v264; UAA release
all ...)
NOT-FOR-US: Cloud Foundry
CVE-2017-8031 (An issue was discovered in Cloud Foundry Foundation cf-release
(all ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry
CVE-2017-8030
RESERVED
CVE-2017-8029
@@ -27591,9 +27591,9 @@
CVE-2017-8021 (EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an
...)
NOT-FOR-US: EMC Elastic Cloud Storage
CVE-2017-8020 (An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer
overflow ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2017-8019 (An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability
in ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2017-8018 (EMC AppSync host plug-in versions 3.5 and below (Windows
platform only) ...)
NOT-FOR-US: EMC AppSync
CVE-2017-8017 (EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x,
9.4.1.x, and ...)
@@ -27629,7 +27629,7 @@
CVE-2017-8002 (EMC Data Protection Advisor prior to 6.4 contains multiple
blind SQL ...)
NOT-FOR-US: EMC Data Protection Advisor
CVE-2017-8001 (An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux
environment, ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2017-8000 (In EMC RSA Authentication Manager 8.2 SP1 and earlier, a
malicious RSA ...)
NOT-FOR-US: EMC
CVE-2017-7999 (Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows
remote ...)
@@ -46888,9 +46888,9 @@
CVE-2017-1690
RESERVED
CVE-2017-1689 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1688 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1687
RESERVED
CVE-2017-1686
@@ -46910,7 +46910,7 @@
CVE-2017-1679
RESERVED
CVE-2017-1678 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1677
RESERVED
CVE-2017-1676
@@ -46966,7 +46966,7 @@
CVE-2017-1651
RESERVED
CVE-2017-1650 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1649
RESERVED
CVE-2017-1648
@@ -47010,7 +47010,7 @@
CVE-2017-1629
RESERVED
CVE-2017-1628 (IBM Business Process Manager 8.6.0.0 allows authenticated users
to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1627
RESERVED
CVE-2017-1626
@@ -47052,7 +47052,7 @@
CVE-2017-1608
RESERVED
CVE-2017-1607 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1606
RESERVED
CVE-2017-1605
@@ -47080,7 +47080,7 @@
CVE-2017-1594
RESERVED
CVE-2017-1593 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1592
RESERVED
CVE-2017-1591 (IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is
vulnerable to ...)
@@ -47126,7 +47126,7 @@
CVE-2017-1571
RESERVED
CVE-2017-1570 (IBM Jazz Foundation products could allow an authenticated user
to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1569 (IBM WebSphere Commerce 7.0 and 8.0 contains an unspecified ...)
NOT-FOR-US: IBM
CVE-2017-1568
@@ -47146,7 +47146,7 @@
CVE-2017-1561
RESERVED
CVE-2017-1560 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1559
RESERVED
CVE-2017-1558
@@ -47298,7 +47298,7 @@
CVE-2017-1485 (IBM Cognos Analytics 11.0 is vulnerable to cross-site
scripting. This ...)
NOT-FOR-US: IBM
CVE-2017-1484 (IBM WebSphere Commerce Enterprise, Professional, Express, and
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1483 (IBM Security Identity Manager Adapters 6.0 and 7.0 does not
perform an ...)
NOT-FOR-US: IBM
CVE-2017-1482
@@ -47344,7 +47344,7 @@
CVE-2017-1462
RESERVED
CVE-2017-1461 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1460 (IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue
router ...)
NOT-FOR-US: IBM
CVE-2017-1459
@@ -47700,7 +47700,7 @@
CVE-2017-1284 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with
ability ...)
NOT-FOR-US: IBM
CVE-2017-1283 (IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user
to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1282 (IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to
cross-site ...)
NOT-FOR-US: IBM
CVE-2017-1281
@@ -47764,7 +47764,7 @@
CVE-2017-1252
RESERVED
CVE-2017-1251 (An undisclosed vulnerability in CLM applications may result in
some ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1250
RESERVED
CVE-2017-1249 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site
scripting. ...)
@@ -47786,7 +47786,7 @@
CVE-2017-1241 (An unspecified vulnerability in IBM Jazz Foundation based
applications ...)
NOT-FOR-US: IBM
CVE-2017-1240 (IBM Rhapsody DM products could reveal sensitive information in
HTTP ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1239
RESERVED
CVE-2017-1238
@@ -85966,11 +85966,11 @@
CVE-2015-7270 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80
and 7/8 ...)
NOT-FOR-US: Dell iDRAC
CVE-2015-7269 (Seagate ST500LT015 hard disk drives, when operating in eDrive
mode on ...)
- TODO: check
+ NOT-FOR-US: Seagate ST500LT015 hard disk drives
CVE-2015-7268 (Samsung 850 Pro and PM851 solid-state drives and Seagate
ST500LT015 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2015-7267 (Samsung 850 Pro and PM851 solid-state drives and Seagate
ST500LT015 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2015-7266
RESERVED
CVE-2015-7265 (Facebook Proxygen before 2015-11-09 mismanages
HTTPMessage.request ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
