[Secure-testing-commits] r25768 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Feb 16 17:25:53 UTC 2014
Author: carnil
Date: 2014-02-16 17:25:53 +0000 (Sun, 16 Feb 2014)
New Revision: 25768
Modified:
data/CVE/list
Log:
Update some NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-16 16:50:02 UTC (rev 25767)
+++ data/CVE/list 2014-02-16 17:25:53 UTC (rev 25768)
@@ -672,11 +672,11 @@
CVE-2014-1699 (Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote ...)
NOT-FOR-US: Siemens SIMATIC
CVE-2014-1698 (Directory traversal vulnerability in Siemens SIMATIC WinCC OA before ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC WinCC OA
CVE-2014-1697 (The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC WinCC OA
CVE-2014-1696 (Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC WinCC OA
CVE-2014-1695
RESERVED
CVE-2013-7323 [Unrestricted use of unquoted strings in a shell]
@@ -1302,7 +1302,7 @@
CVE-2014-1459
RESERVED
CVE-2014-1458 (Cross-site scripting (XSS) vulnerability in the web administration ...)
- TODO: check
+ NOT-FOR-US: FortiGuard FortiWeb
CVE-2014-1457
RESERVED
CVE-2014-1456
@@ -1333,7 +1333,7 @@
CVE-2014-1440
RESERVED
CVE-2014-1439 (The libxml_disable_entity_loader function in ...)
- TODO: check
+ NOT-FOR-US: HipHop Virtual Machine for PHP
CVE-2014-1437
RESERVED
CVE-2014-1436
@@ -2276,15 +2276,15 @@
CVE-2014-0835 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
NOT-FOR-US: IBM Security QRadar SIEM
CVE-2014-0834 (IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 ...)
- TODO: check
+ NOT-FOR-US: IBM General Parallel File System
CVE-2014-0833 (The OAC component in IBM Financial Transaction Manager (FTM) 2.0 ...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2014-0832 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2014-0831 (Cross-site request forgery (CSRF) vulnerability in the OAC component ...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2014-0830 (Directory traversal vulnerability in the table-export implementation ...)
- TODO: check
+ NOT-FOR-US: IBM Financial Transaction Manager
CVE-2014-0829
RESERVED
CVE-2014-0828
@@ -2300,7 +2300,7 @@
CVE-2014-0823
RESERVED
CVE-2014-0822 (The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x ...)
- TODO: check
+ NOT-FOR-US: IBM Domino
CVE-2014-0821
RESERVED
CVE-2014-0820
@@ -2314,13 +2314,13 @@
CVE-2014-0816
RESERVED
CVE-2014-0815 (The intent: URL implementation in Opera before 18 on Android allows ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2014-0814
RESERVED
CVE-2014-0813
RESERVED
CVE-2014-0812 (Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 ...)
- TODO: check
+ NOT-FOR-US: KENT-WEB Joyful Note
CVE-2014-0811
RESERVED
CVE-2014-0810 (Unspecified vulnerability in JustSystems Sanshiro 2007 before update ...)
@@ -2494,7 +2494,7 @@
CVE-2014-0758
RESERVED
CVE-2014-0757 (Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 ...)
- TODO: check
+ NOT-FOR-US: Smart Software Solutions (3S) CoDeSys Runtime Toolkit
CVE-2014-0756
RESERVED
CVE-2014-0755 (Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not ...)
@@ -2807,7 +2807,7 @@
CVE-2013-7247 (cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware ...)
NOT-FOR-US: Franklin Fueling Systems TS-550
CVE-2013-7246 (Buffer overflow in the IconCreate method in an ActiveX control in the ...)
- TODO: check
+ NOT-FOR-US: DaumGame ActiveX plugin
CVE-2013-7245
RESERVED
CVE-2013-7244
@@ -3252,7 +3252,7 @@
CVE-2013-7184 (Gretech GOM Media Player 2.2.56.5158 and earlier allows remote ...)
NOT-FOR-US: Gretech GOM Media Player
CVE-2013-7183 (cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote ...)
- TODO: check
+ NOT-FOR-US: Seowon Intech SWC-9100
CVE-2013-7182 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2013-7181 (Cross-site scripting (XSS) vulnerability in user/ldap_user/add in ...)
@@ -4064,7 +4064,7 @@
CVE-2014-0331
RESERVED
CVE-2014-0330 (Cross-site scripting (XSS) vulnerability in adminui/user_list.php on ...)
- TODO: check
+ NOT-FOR-US: Dell KACE K1000 management appliance
CVE-2014-0329 (The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded ...)
TODO: check
CVE-2014-0328
@@ -5524,7 +5524,7 @@
CVE-2013-6725 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
NOT-FOR-US: IBM WebSphere
CVE-2013-6724 (Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS ...)
- TODO: check
+ NOT-FOR-US: IBM SPSS SamplePower
CVE-2013-6723 (IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2013-6722
@@ -6650,7 +6650,7 @@
CVE-2013-6333
RESERVED
CVE-2013-6332 (Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 ...)
- TODO: check
+ NOT-FOR-US: IBM Algo One UDS
CVE-2013-6331
RESERVED
CVE-2013-6330 (IBM WebSphere Application Server 7.x before 7.0.0.31, when ...)
@@ -7044,7 +7044,7 @@
CVE-2013-6144
RESERVED
CVE-2013-6143 (The Schneider Electric Telvent SAGE 3030 RTU with firmware ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric Telvent SAGE 3030 RTU
CVE-2013-6142 (DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA ...)
NOT-FOR-US: Schneider Electric ClearSCADA
CVE-2013-6141 (Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers ...)
@@ -7301,7 +7301,7 @@
CVE-2013-6033 (Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 ...)
NOT-FOR-US: Lexmark
CVE-2013-6032 (cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x ...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2013-6031
RESERVED
CVE-2013-6030 (Directory traversal vulnerability on the Emerson Network Power Avocent ...)
@@ -8896,7 +8896,7 @@
CVE-2013-5428 (IBM WebSphere DataPower XC10 appliances 2.5.0 do not require ...)
NOT-FOR-US: IBM WebSphere DataPower XC10 appliances
CVE-2013-5427 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere ...)
- TODO: check
+ NOT-FOR-US: IBM InfoSphere Master Data Management
CVE-2013-5426 (Session fixation vulnerability in IBM InfoSphere Master Data ...)
NOT-FOR-US: IBM
CVE-2013-5425 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
@@ -12569,7 +12569,7 @@
CVE-2013-4044 (IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
CVE-2013-4043 (The server in IBM SPSS Collaboration and Deployment Services 4.x ...)
- TODO: check
+ NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
CVE-2013-4042 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
CVE-2013-4041 (Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 ...)
@@ -13482,7 +13482,7 @@
CVE-2013-3640 (Cross-site scripting (XSS) vulnerability in the Instant Web Publish ...)
NOT-FOR-US: FileMaker Pro
CVE-2013-3639 (Multiple cross-site scripting (XSS) vulnerabilities in Xaraya 2.4.0-b1 ...)
- TODO: check
+ NOT-FOR-US: Xaraya
CVE-2013-3638
RESERVED
CVE-2013-3637
@@ -14085,7 +14085,7 @@
CVE-2013-3366
RESERVED
CVE-2013-3365 (TRENDnet TEW-812DRU router allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-812DRU router
CVE-2013-3364
RESERVED
CVE-2013-3363 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
@@ -14675,7 +14675,7 @@
CVE-2013-3099
RESERVED
CVE-2013-3098 (Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-812DRU router
CVE-2013-3097
RESERVED
CVE-2013-3096
@@ -14691,7 +14691,7 @@
CVE-2013-3091
RESERVED
CVE-2013-3090 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 ...)
- TODO: check
+ NOT-FOR-US: Belkin N300 router
CVE-2013-3089
RESERVED
CVE-2013-3088
@@ -14703,7 +14703,7 @@
CVE-2013-3085
RESERVED
CVE-2013-3084 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin Model ...)
- TODO: check
+ NOT-FOR-US: Belkin router
CVE-2013-3083
RESERVED
CVE-2013-3082
More information about the Secure-testing-commits
mailing list