[Secure-testing-commits] r27660 - data/CVE
Helmut Grohne
helmutg at moszumanska.debian.org
Wed Jul 9 05:44:52 UTC 2014
Author: helmutg
Date: 2014-07-09 05:44:52 +0000 (Wed, 09 Jul 2014)
New Revision: 27660
Modified:
data/CVE/list
Log:
NFUs. mostly WordPress plugins
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-09 05:02:24 UTC (rev 27659)
+++ data/CVE/list 2014-07-09 05:44:52 UTC (rev 27660)
@@ -37,7 +37,7 @@
CVE-2014-4704
RESERVED
CVE-2013-7388 (Heap-based buffer overflow in paintlib, as used in Trimble SketchUp ...)
- TODO: check
+ NOT-FOR-US: Trimble SketchUp
CVE-2012-6650
RESERVED
CVE-2014-XXXX [Quassel: /var/lib/quassel/quasselCert.pem world-readable]
@@ -404,47 +404,47 @@
CVE-2014-4558
RESERVED
CVE-2014-4557 (Cross-site scripting (XSS) vulnerability in test-plugin.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Swipe Checkout for Jigoshop
CVE-2014-4556 (Cross-site scripting (XSS) vulnerability in test-plugin.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Switch Checkout for eShop
CVE-2014-4555 (Cross-site scripting (XSS) vulnerability in fonts/font-form.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Style It
CVE-2014-4554 (Cross-site scripting (XSS) vulnerability in templates/download.php in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin SS Downloads
CVE-2014-4553
RESERVED
CVE-2014-4552 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Spotlight
CVE-2014-4551 (Cross-site scripting (XSS) vulnerability in diagnostics/test.php in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Social Connect
CVE-2014-4550
RESERVED
CVE-2014-4549 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin WooCommerce SagePay Direct Payment Gateway
CVE-2014-4548
RESERVED
CVE-2014-4547 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Rezgo Online Booking
CVE-2014-4546 (Cross-site scripting (XSS) vulnerability in book_ajax.php in the Rezgo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Rezgo
CVE-2014-4545 (Multiple cross-site scripting (XSS) vulnerabilities in pq_dialog.php ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Pro Quoter
CVE-2014-4544
RESERVED
CVE-2014-4543 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Pay Per Media Player
CVE-2014-4542 (Cross-site scripting (XSS) vulnerability in redirect.php in the Ooorl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Ooorl
CVE-2014-4541 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin OMFG Mobile Pro
CVE-2014-4540 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Oleggo LiveStream
CVE-2014-4539
RESERVED
CVE-2014-4538 (Cross-site scripting (XSS) vulnerability in process.php in the Malware ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Malware Finder
CVE-2014-4537 (Cross-site scripting (XSS) vulnerability in inpage.tpl.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Keyword Strategy Internal Links
CVE-2014-4536
RESERVED
CVE-2014-4535
@@ -452,17 +452,17 @@
CVE-2014-4534 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2014-4533 (Cross-site scripting (XSS) vulnerability in ajax_functions.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin GEO Redirector
CVE-2014-4532 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin GarageSale
CVE-2014-4531 (Cross-site scripting (XSS) vulnerability in main_page.php in the Game ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Game tabs
CVE-2014-4530
RESERVED
CVE-2014-4529 (Cross-site scripting (XSS) vulnerability in fpg_preview.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Flash Photo Gallery
CVE-2014-4528 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin fbpromotions
CVE-2014-4527 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2014-4526 (Multiple cross-site scripting (XSS) vulnerabilities in callback.php in ...)
@@ -470,29 +470,29 @@
CVE-2014-4525
RESERVED
CVE-2014-4524 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin WP Easy Post Types
CVE-2014-4523
RESERVED
CVE-2014-4522 (Cross-site scripting (XSS) vulnerability in client-assist.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin dsSearchAgent: WordPress Edition
CVE-2014-4521 (Cross-site scripting (XSS) vulnerability in client-assist.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin dsIDXpress IDX
CVE-2014-4520 (Cross-site scripting (XSS) vulnerability in phprack.php in the DMCA ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin DMCA WaterMarker
CVE-2014-4519
RESERVED
CVE-2014-4518 (Cross-site scripting (XSS) vulnerability in xd_resize.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Contact Form by ContactMe.com
CVE-2014-4517
RESERVED
CVE-2014-4516 (Cross-site scripting (XSS) vulnerability in bicm-carousel-preview.php ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin BIC Media Widget
CVE-2014-4515 (Cross-site scripting (XSS) vulnerability in mce_anyfont/dialog.php in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin AnyFont
CVE-2014-4514
RESERVED
CVE-2014-4513 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin ActiveHelper LiveHelp Live Chat
CVE-2014-4512
RESERVED
CVE-2014-4511
@@ -1854,9 +1854,9 @@
CVE-2014-3891
RESERVED
CVE-2014-3890 (silex SX-2000WG devices with firmware before 1.5.4 allow remote ...)
- TODO: check
+ NOT-FOR-US: silex device
CVE-2014-3889 (silex SX-2000WG devices with firmware before 1.5.4 allow remote ...)
- TODO: check
+ NOT-FOR-US: silex device
CVE-2014-3888
RESERVED
CVE-2014-3887
@@ -3786,7 +3786,7 @@
CVE-2014-3101
RESERVED
CVE-2014-3100 (Stack-based buffer overflow in the encode_key function in ...)
- TODO: check
+ NOT-FOR-US: Android service KeyStore
CVE-2014-3099
RESERVED
CVE-2014-3098
@@ -3810,7 +3810,7 @@
CVE-2014-3089
RESERVED
CVE-2014-3088 (stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client ...)
- TODO: check
+ NOT-FOR-US: IBM Sametime
CVE-2014-3087
RESERVED
CVE-2014-3086
@@ -21169,11 +21169,11 @@
CVE-2013-3665 (Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT ...)
NOT-FOR-US: AutoCAD
CVE-2013-3664 (Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) ...)
- TODO: check
+ NOT-FOR-US: Trimble SketchUp
CVE-2013-3663 (Heap-based buffer overflow in paintlib, as used in Trimble SketchUp ...)
NOT-FOR-US: Trimble SketchUp
CVE-2013-3662 (Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 ...)
- TODO: check
+ NOT-FOR-US: Trimble SketchUp
CVE-2013-3661 (The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
CVE-2013-3660 (The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode ...)
@@ -22627,7 +22627,7 @@
CVE-2013-3005 (The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, ...)
NOT-FOR-US: TFTP client in IBM AIX
CVE-2013-3004 (Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Application Dependency Discovery Manager
CVE-2013-3003 (Unspecified vulnerability in SOAP Gateway in IBM IMS Enterprise Suite ...)
NOT-FOR-US: IBM
CVE-2013-3002
More information about the Secure-testing-commits
mailing list