Author: carnil Date: 2017-12-04 21:29:22 +0000 (Mon, 04 Dec 2017) New Revision: 58255
Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-12-04 21:10:19 UTC (rev 58254) +++ data/CVE/list 2017-12-04 21:29:22 UTC (rev 58255) @@ -1542,9 +1542,9 @@ CVE-2017-17058 (The WooCommerce plugin through 3.x for WordPress has a Directory ...) NOT-FOR-US: WooCommerce plugin for WordPress CVE-2017-17057 (There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The ...) - TODO: check + NOT-FOR-US: ZKTeco ZKTime Web Software CVE-2017-17056 (The ZKTime Web Software 2.0.1.12280 allows the Administrator to ...) - TODO: check + NOT-FOR-US: ZKTeco ZKTime Web Software CVE-2017-17055 RESERVED CVE-2017-17054 (In aubio 0.4.6, a divide-by-zero error exists in the function ...) @@ -4127,7 +4127,7 @@ CVE-2017-16722 RESERVED CVE-2017-16721 (A Cross-site Scripting issue was discovered in Geovap Reliance SCADA ...) - TODO: check + NOT-FOR-US: Geovap Reliance SCADA CVE-2017-16720 RESERVED CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort ...) @@ -6518,7 +6518,7 @@ CVE-2017-15890 RESERVED CVE-2017-15889 (Command injection vulnerability in smart.cgi in Synology DiskStation ...) - TODO: check + NOT-FOR-US: Synology DiskStation Manager CVE-2017-15888 (Cross-site scripting (XSS) vulnerability in Custom Internet Radio List ...) NOT-FOR-US: Synology CVE-2017-15887 (An improper restriction of excessive authentication attempts ...) @@ -17581,9 +17581,9 @@ CVE-2017-12081 RESERVED CVE-2017-12080 (An information exposure vulnerability in default HTTP configuration ...) - TODO: check + NOT-FOR-US: Synology Photo Station CVE-2017-12079 (Files or directories accessible to external parties vulnerability in ...) - TODO: check + NOT-FOR-US: Synology Photo Station CVE-2017-12078 RESERVED CVE-2017-12077 (Uncontrolled Resource Consumption vulnerability in ...) @@ -20751,7 +20751,7 @@ CVE-2017-11019 RESERVED CVE-2017-11018 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) - TODO: check + NOT-FOR-US: Qualcomm components for Android CVE-2017-11017 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) TODO: check CVE-2017-11016 @@ -20763,7 +20763,7 @@ CVE-2017-11013 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) TODO: check CVE-2017-11012 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) - TODO: check + NOT-FOR-US: Qualcomm components for Android CVE-2017-11011 RESERVED CVE-2017-11010 @@ -21124,13 +21124,13 @@ CVE-2017-10904 RESERVED CVE-2017-10903 (Improper authentication issue in PTW-WMS1 firmware version 2.000.012 ...) - TODO: check + NOT-FOR-US: PTW-WMS1 firmware CVE-2017-10902 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: PTW-WMS1 firmware CVE-2017-10901 (Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows remote ...) - TODO: check + NOT-FOR-US: PTW-WMS1 firmware CVE-2017-10900 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: PTW-WMS1 firmware CVE-2017-10899 (SQL injection vulnerability in the A-Reserve and A-Reserve for MT ...) TODO: check CVE-2017-10898 (SQL injection vulnerability in the A-Member and A-Member for MT cloud ...) @@ -21140,15 +21140,15 @@ CVE-2017-10896 RESERVED CVE-2017-10895 (sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: sDNSProxy CVE-2017-10894 (StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: StreamRelay.NET CVE-2017-10893 RESERVED CVE-2017-10892 (Untrusted search path vulnerability in Music Center for PC version ...) - TODO: check + NOT-FOR-US: Music Center for PC CVE-2017-10891 (Untrusted search path vulnerability in Media Go version 3.2.0.191 and ...) - TODO: check + NOT-FOR-US: Media Go CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to ...) NOT-FOR-US: RX-V200 firmware CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to conduct XML ...) @@ -21182,7 +21182,7 @@ CVE-2017-10875 (I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an ...) NOT-FOR-US: I-O DATA DEVICE LAN DISK Connect CVE-2017-10874 (PWR-Q200 does not use random values for source ports of DNS query ...) - TODO: check + NOT-FOR-US: PWR-Q200 CVE-2017-10873 (OpenAM (Open Source Edition) allows an attacker to bypass ...) NOT-FOR-US: OpenAM CVE-2017-10872 @@ -21208,7 +21208,7 @@ CVE-2017-10862 (jwt-scala 1.2.2 and earlier fails to verify token signatures correctly ...) NOT-FOR-US: jwt-scala CVE-2017-10861 (Directory traversal vulnerability in QND Advance/Standard allows an ...) - TODO: check + NOT-FOR-US: QND Advance/Standard CVE-2017-10860 (Untrusted search path vulnerability in "i-filter 6.0 installer" ...) NOT-FOR-US: i-filter 6.0 installer CVE-2017-10859 (Untrusted search path vulnerability in "i-filter 6.0 installer" ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits