[Secure-testing-commits] r58255 - data/CVE

Salvatore Bonaccorso Mon, 04 Dec 2017 13:29:36 -0800

Author: carnil
Date: 2017-12-04 21:29:22 +0000 (Mon, 04 Dec 2017)
New Revision: 58255


Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-12-04 21:10:19 UTC (rev 58254)
+++ data/CVE/list       2017-12-04 21:29:22 UTC (rev 58255)
@@ -1542,9 +1542,9 @@
 CVE-2017-17058 (The WooCommerce plugin through 3.x for WordPress has a 
Directory ...)
        NOT-FOR-US: WooCommerce plugin for WordPress
 CVE-2017-17057 (There is a reflected XSS vulnerability in ZKTime Web 
2.0.1.12280. The ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco ZKTime Web Software
 CVE-2017-17056 (The ZKTime Web Software 2.0.1.12280 allows the Administrator 
to ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco ZKTime Web Software
 CVE-2017-17055
        RESERVED
 CVE-2017-17054 (In aubio 0.4.6, a divide-by-zero error exists in the function 
...)
@@ -4127,7 +4127,7 @@
 CVE-2017-16722
        RESERVED
 CVE-2017-16721 (A Cross-site Scripting issue was discovered in Geovap Reliance 
SCADA ...)
-       TODO: check
+       NOT-FOR-US: Geovap Reliance SCADA
 CVE-2017-16720
        RESERVED
 CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version 
2.2, NPort ...)
@@ -6518,7 +6518,7 @@
 CVE-2017-15890
        RESERVED
 CVE-2017-15889 (Command injection vulnerability in smart.cgi in Synology 
DiskStation ...)
-       TODO: check
+       NOT-FOR-US: Synology DiskStation Manager
 CVE-2017-15888 (Cross-site scripting (XSS) vulnerability in Custom Internet 
Radio List ...)
        NOT-FOR-US: Synology
 CVE-2017-15887 (An improper restriction of excessive authentication attempts 
...)
@@ -17581,9 +17581,9 @@
 CVE-2017-12081
        RESERVED
 CVE-2017-12080 (An information exposure vulnerability in default HTTP 
configuration ...)
-       TODO: check
+       NOT-FOR-US: Synology Photo Station
 CVE-2017-12079 (Files or directories accessible to external parties 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: Synology Photo Station
 CVE-2017-12078
        RESERVED
 CVE-2017-12077 (Uncontrolled Resource Consumption vulnerability in ...)
@@ -20751,7 +20751,7 @@
 CVE-2017-11019
        RESERVED
 CVE-2017-11018 (In android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2017-11017 (In android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        TODO: check
 CVE-2017-11016
@@ -20763,7 +20763,7 @@
 CVE-2017-11013 (In android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        TODO: check
 CVE-2017-11012 (In android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2017-11011
        RESERVED
 CVE-2017-11010
@@ -21124,13 +21124,13 @@
 CVE-2017-10904
        RESERVED
 CVE-2017-10903 (Improper authentication issue in PTW-WMS1 firmware version 
2.000.012 ...)
-       TODO: check
+       NOT-FOR-US: PTW-WMS1 firmware
 CVE-2017-10902 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to 
execute ...)
-       TODO: check
+       NOT-FOR-US: PTW-WMS1 firmware
 CVE-2017-10901 (Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: PTW-WMS1 firmware
 CVE-2017-10900 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to 
bypass ...)
-       TODO: check
+       NOT-FOR-US: PTW-WMS1 firmware
 CVE-2017-10899 (SQL injection vulnerability in the A-Reserve and A-Reserve for 
MT ...)
        TODO: check
 CVE-2017-10898 (SQL injection vulnerability in the A-Member and A-Member for 
MT cloud ...)
@@ -21140,15 +21140,15 @@
 CVE-2017-10896
        RESERVED
 CVE-2017-10895 (sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers 
to cause ...)
-       TODO: check
+       NOT-FOR-US: sDNSProxy
 CVE-2017-10894 (StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: StreamRelay.NET
 CVE-2017-10893
        RESERVED
 CVE-2017-10892 (Untrusted search path vulnerability in Music Center for PC 
version ...)
-       TODO: check
+       NOT-FOR-US: Music Center for PC
 CVE-2017-10891 (Untrusted search path vulnerability in Media Go version 
3.2.0.191 and ...)
-       TODO: check
+       NOT-FOR-US: Media Go
 CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to 
...)
        NOT-FOR-US: RX-V200 firmware
 CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to 
conduct XML ...)
@@ -21182,7 +21182,7 @@
 CVE-2017-10875 (I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an 
...)
        NOT-FOR-US: I-O DATA DEVICE LAN DISK Connect
 CVE-2017-10874 (PWR-Q200 does not use random values for source ports of DNS 
query ...)
-       TODO: check
+       NOT-FOR-US: PWR-Q200
 CVE-2017-10873 (OpenAM (Open Source Edition) allows an attacker to bypass ...)
        NOT-FOR-US: OpenAM
 CVE-2017-10872
@@ -21208,7 +21208,7 @@
 CVE-2017-10862 (jwt-scala 1.2.2 and earlier fails to verify token signatures 
correctly ...)
        NOT-FOR-US: jwt-scala
 CVE-2017-10861 (Directory traversal vulnerability in QND Advance/Standard 
allows an ...)
-       TODO: check
+       NOT-FOR-US: QND Advance/Standard
 CVE-2017-10860 (Untrusted search path vulnerability in &quot;i-filter 6.0 
installer&quot; ...)
        NOT-FOR-US: i-filter 6.0 installer
 CVE-2017-10859 (Untrusted search path vulnerability in &quot;i-filter 6.0 
installer&quot; ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r58255 - data/CVE

Reply via email to