[Secure-testing-commits] r30983 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 26 21:39:48 UTC 2014
Author: carnil
Date: 2014-12-26 21:39:48 +0000 (Fri, 26 Dec 2014)
New Revision: 30983
Modified:
data/CVE/list
Log:
Process NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-26 19:06:38 UTC (rev 30982)
+++ data/CVE/list 2014-12-26 21:39:48 UTC (rev 30983)
@@ -444,7 +444,7 @@
CVE-2014-9375
RESERVED
CVE-2014-9373 (Directory traversal vulnerability in the CollectorConfInfoServlet ...)
- TODO: check
+ NOT-FOR-US: ManageEngine NetFlow Analyzer
CVE-2014-9372 (Directory traversal vulnerability in the UploadAccountActivities ...)
NOT-FOR-US: ManageEngine Password Manager Pro
CVE-2014-9371 (The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 ...)
@@ -4132,7 +4132,7 @@
CVE-2014-8270 (BMC Track-It! 11.3 allows remote attackers to gain privileges and ...)
TODO: check
CVE-2014-8269 (Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) ...)
- TODO: check
+ NOT-FOR-US: Honeywell OPOS Suite
CVE-2014-8268
RESERVED
CVE-2014-8267
@@ -6389,23 +6389,23 @@
CVE-2014-7269
RESERVED
CVE-2014-7268 (Cross-site scripting (XSS) vulnerability in the data-export feature in ...)
- TODO: check
+ NOT-FOR-US: Ricksoft WBS Gantt-Chart add-on for JIRA
CVE-2014-7267 (Cross-site scripting (XSS) vulnerability in the output-page generator ...)
- TODO: check
+ NOT-FOR-US: Ricksoft WBS Gantt-Chart add-on for JIRA
CVE-2014-7266
RESERVED
CVE-2014-7265 (Cross-site scripting (XSS) vulnerability in LinPHA allows remote ...)
- TODO: check
+ NOT-FOR-US: LinPHA
CVE-2014-7264 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ - chyrp <itp> (bug #664739)
CVE-2014-7263 (Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows ...)
- TODO: check
+ NOT-FOR-US: ULTRAPOP.JP i-HTTPD
CVE-2014-7262 (Cross-site scripting (XSS) vulnerability in the Omake BBS component in ...)
- TODO: check
+ NOT-FOR-US: ULTRAPOP.JP i-HTTPD
CVE-2014-7261 (Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows ...)
- TODO: check
+ NOT-FOR-US: ULTRAPOP.JP i-HTTPD
CVE-2014-7260 (The Server Side Includes (SSI) implementation in the File Upload BBS ...)
- TODO: check
+ NOT-FOR-US: ULTRAPOP.JP i-HTTPD
CVE-2014-7259 (SQUARE ENIX Co., Ltd. Kaku-San-Sei Million Arthur before 2.25 for ...)
NOT-FOR-US: SQUARE ENIX
CVE-2014-7258 (Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 ...)
@@ -6427,7 +6427,7 @@
CVE-2014-7250 (The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ...)
TODO: check
CVE-2014-7249 (Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, ...)
- TODO: check
+ NOT-FOR-US: Allied Telesis
CVE-2014-7248 (Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows ...)
NOT-FOR-US: IPA iLogScanner
CVE-2014-7247 (Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; ...)
@@ -6649,7 +6649,7 @@
CVE-2014-7171
RESERVED
CVE-2014-7170 (Race condition in Puppet Server 0.2.0 allows local users to obtain ...)
- TODO: check
+ NOT-FOR-US: Puppet Server (replacement for puppetmaster)
CVE-2014-7204 (jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a ...)
{DSA-3042-1 DLA-69-1}
- exuberant-ctags 1:5.9~svn20110310-8 (bug #742605)
@@ -8503,7 +8503,7 @@
CVE-2014-6382
RESERVED
CVE-2014-6381 (Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2014-6380 (Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, ...)
NOT-FOR-US: Juniper Junos
CVE-2014-6379 (Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, ...)
@@ -8914,7 +8914,7 @@
CVE-2014-6216
RESERVED
CVE-2014-6215 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6214
RESERVED
CVE-2014-6213
@@ -8924,9 +8924,9 @@
CVE-2014-6211
RESERVED
CVE-2014-6210 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6209 (IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6208
RESERVED
CVE-2014-6207
@@ -8958,7 +8958,7 @@
CVE-2014-6194
RESERVED
CVE-2014-6193 (IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6192
RESERVED
CVE-2014-6191
@@ -8980,7 +8980,7 @@
CVE-2014-6183 (IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before ...)
NOT-FOR-US: IBM Security Network Protection
CVE-2014-6182 (Directory traversal vulnerability in an export function in the Process ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6181
RESERVED
CVE-2014-6180
@@ -8992,17 +8992,17 @@
CVE-2014-6177
RESERVED
CVE-2014-6176 (IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6175
RESERVED
CVE-2014-6174 (IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6173 (Cross-site scripting (XSS) vulnerability in the Process Inspector in ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6172
RESERVED
CVE-2014-6171 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6170
RESERVED
CVE-2014-6169
@@ -9010,15 +9010,15 @@
CVE-2014-6168
RESERVED
CVE-2014-6167 (Cross-site scripting (XSS) vulnerability in the URL rewriting feature ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6166 (The Communications Enabled Applications (CEA) service in IBM WebSphere ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6165
RESERVED
CVE-2014-6164 (IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6163 (Cross-site scripting (XSS) vulnerability on the IBM WebSphere ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6162
RESERVED
CVE-2014-6161 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact ...)
@@ -9054,11 +9054,11 @@
CVE-2014-6146 (IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the ...)
NOT-FOR-US: IBM
CVE-2014-6145 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6144
RESERVED
CVE-2014-6143 (The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6142
RESERVED
CVE-2014-6141
@@ -9068,13 +9068,13 @@
CVE-2014-6139
RESERVED
CVE-2014-6138 (The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6137
RESERVED
CVE-2014-6136
RESERVED
CVE-2014-6135 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6134
RESERVED
CVE-2014-6133 (IBM API Management 3.x before 3.0.1.0 allows local users to obtain ...)
@@ -9100,13 +9100,13 @@
CVE-2014-6123
RESERVED
CVE-2014-6122 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6121 (Cross-site scripting (XSS) vulnerability in IBM Security AppScan ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6120
RESERVED
CVE-2014-6119 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6118
RESERVED
CVE-2014-6117
@@ -9166,33 +9166,33 @@
CVE-2014-6090
RESERVED
CVE-2014-6089 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6088 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6087 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6086 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6085
RESERVED
CVE-2014-6084 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6083 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6082 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6081
RESERVED
CVE-2014-6080 (SQL injection vulnerability in IBM Security Access Manager for Mobile ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6079 (Cross-site scripting (XSS) vulnerability in the Local Management ...)
NOT-FOR-US: IBM Security Access Manager
CVE-2014-6078 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6077 (Cross-site request forgery (CSRF) vulnerability in IBM Security Access ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6076 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6075 (IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch ...)
NOT-FOR-US: IBM Security QRadar SIEM
CVE-2014-6074 (IBM UrbanCode Deploy 6.1.0.2 before IF1 allows remote authenticated ...)
@@ -10421,7 +10421,7 @@
CVE-2014-5467
RESERVED
CVE-2014-5466 (Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2014-5465 (Directory traversal vulnerability in force-download.php in the ...)
NOT-FOR-US: WordPress plugin Download Shortcode
CVE-2014-5463
@@ -10726,7 +10726,7 @@
CVE-2014-5360
RESERVED
CVE-2014-5359 (Directory traversal vulnerability in SafeNet Authentication Service ...)
- TODO: check
+ NOT-FOR-US: SafeNet Authentication Service
CVE-2014-5358
RESERVED
CVE-2014-5357
@@ -11146,17 +11146,17 @@
CVE-2014-5218
RESERVED
CVE-2014-5217 (Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2014-5216 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2014-5215 (NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2014-5214 (nps/servlet/webacc in iManager in the Administration Console server in ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2014-5213 (nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in ...)
- TODO: check
+ NOT-FOR-US: Novell eDirectory
CVE-2014-5212 (Cross-site scripting (XSS) vulnerability in nds/search/data in ...)
- TODO: check
+ NOT-FOR-US: Novell eDirectory
CVE-2014-5211
RESERVED
CVE-2014-5210 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows ...)
@@ -11164,7 +11164,7 @@
CVE-2014-5209
RESERVED
CVE-2014-5208 (BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS ...)
- TODO: check
+ NOT-FOR-US: Batch Management Packages in Yokogawa and Exaopc
CVE-2014-5202 (Cross-site scripting (XSS) vulnerability in compfight-search.php in ...)
NOT-FOR-US: WordPress plugin compfight
CVE-2014-5201 (SQL injection vulnerability in the Gallery Objects plugin 0.4 for ...)
@@ -11919,7 +11919,7 @@
CVE-2014-4937 (Directory traversal vulnerability in includes/bookx_export.php BookX ...)
NOT-FOR-US: WordPress plugin
CVE-2014-4936 (The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer ...)
- TODO: check
+ NOT-FOR-US: Malwarebytes
CVE-2014-4935
RESERVED
CVE-2014-4934
@@ -12103,7 +12103,7 @@
CVE-2014-4845 (Cross-site scripting (XSS) vulnerability in the BannerMan plugin 0.2.4 ...)
NOT-FOR-US: WordPress plugin
CVE-2014-4844 (The import/export functionality in IBM Business Process Manager (BPM) ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-4843
RESERVED
CVE-2014-4842
@@ -12161,7 +12161,7 @@
CVE-2014-4816 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-4815 (Session fixation vulnerability in IBM Rational Lifecycle Integration ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-4814 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2014-4813
@@ -12189,7 +12189,7 @@
CVE-2014-4802 (The Saved Search Admin component in the Process Admin Console in IBM ...)
NOT-FOR-US: IBM Business Process Manager
CVE-2014-4801 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-4800
RESERVED
CVE-2014-4799
@@ -12670,7 +12670,7 @@
CVE-2014-4627 (SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before ...)
NOT-FOR-US: EMC RSA Web Threat Detection
CVE-2014-4626 (EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, ...)
- TODO: check
+ NOT-FOR-US: EMC Documentum Content Server
CVE-2014-4625
RESERVED
CVE-2014-4624 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and ...)
@@ -15968,7 +15968,7 @@
CVE-2014-3411 (Unspecified vulnerability in the NSM XDB service in Juniper NSM before ...)
NOT-FOR-US: Juniper NSM
CVE-2014-3410 (The syslog-management subsystem in Cisco Adaptive Security Appliance ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-3409 (The Ethernet Connectivity Fault Management (CFM) handling feature in ...)
NOT-FOR-US: Cisco IOS
CVE-2014-3408 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
@@ -16060,7 +16060,7 @@
CVE-2014-3365
RESERVED
CVE-2014-3364 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-3363 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco
CVE-2014-3362 (Memory leak in Cisco TelePresence System Edge MXP Series Software ...)
@@ -16888,7 +16888,7 @@
CVE-2014-3059 (Unspecified vulnerability in the Administrative Console on the IBM ...)
NOT-FOR-US: IBM WebSphere
CVE-2014-3058 (Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-3057 (Cross-site scripting (XSS) vulnerability in the Unified Task List ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2014-3056 (The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and ...)
More information about the Secure-testing-commits
mailing list