[Secure-testing-commits] r27795 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Thu Jul 17 21:14:12 UTC 2014
Author: joeyh
Date: 2014-07-17 21:14:12 +0000 (Thu, 17 Jul 2014)
New Revision: 27795
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-17 20:09:01 UTC (rev 27794)
+++ data/CVE/list 2014-07-17 21:14:12 UTC (rev 27795)
@@ -1,3 +1,35 @@
+CVE-2014-4992
+ RESERVED
+CVE-2014-4991
+ RESERVED
+CVE-2014-4990
+ RESERVED
+CVE-2014-4989
+ RESERVED
+CVE-2014-4988
+ RESERVED
+CVE-2014-4987
+ RESERVED
+CVE-2014-4986
+ RESERVED
+CVE-2014-4985
+ RESERVED
+CVE-2014-4984
+ RESERVED
+CVE-2014-4983
+ RESERVED
+CVE-2014-4982
+ RESERVED
+CVE-2014-4981
+ RESERVED
+CVE-2014-4980
+ RESERVED
+CVE-2014-4979
+ RESERVED
+CVE-2014-4977 (Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer ...)
+ TODO: check
+CVE-2014-4976 (Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to ...)
+ TODO: check
CVE-2014-XXXX [Cross-site scripting - Ajax system]
- drupal6 <not-affected> (Only affects Drupal 7 core)
- drupal7 7.29-1 (bug #755038)
@@ -40,9 +72,9 @@
RESERVED
CVE-2014-4966
RESERVED
-CVE-2014-4965 (Multiple cross-site scripting (XSS) vulnerabilities in Shopize 1.1.5 ...)
+CVE-2014-4965 (Multiple cross-site scripting (XSS) vulnerabilities in Shopizer 1.1.5 ...)
TODO: check
-CVE-2014-4964 (Multiple cross-site request forgery (CSRF) vulnerabilities in Shopize ...)
+CVE-2014-4964 (Multiple cross-site request forgery (CSRF) vulnerabilities in Shopizer ...)
TODO: check
CVE-2014-4963 (Shopizer 1.1.5 and earlier allows remote attackers to modify the ...)
TODO: check
@@ -516,6 +548,7 @@
- libressl <itp> (bug #754513)
NOTE: http://www.openwall.com/lists/oss-security/2014/07/16/6
CVE-2014-4978 [insecure use of temporary files]
+ RESERVED
- rawstudio <unfixed> (low; bug #754899)
[wheezy] - rawstudio <no-dsa> (Minor issue)
[squeeze] - rawstudio <not-affected> (Vulnerable code not present)
@@ -1418,10 +1451,10 @@
- phpmyadmin 4:4.2.5-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-4347
- RESERVED
-CVE-2014-4346
- RESERVED
+CVE-2014-4347 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler ...)
+ TODO: check
+CVE-2014-4346 (Cross-site scripting (XSS) vulnerability in administration user ...)
+ TODO: check
CVE-2014-4345
RESERVED
CVE-2014-4344
@@ -1568,225 +1601,207 @@
RESERVED
CVE-2014-4272
RESERVED
-CVE-2014-4271
- RESERVED
-CVE-2014-4270
- RESERVED
-CVE-2014-4269
- RESERVED
-CVE-2014-4268
- RESERVED
+CVE-2014-4271 (Unspecified vulnerability in the Hyperion Essbase component in Oracle ...)
+ TODO: check
+CVE-2014-4270 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
+ TODO: check
+CVE-2014-4269 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
+ TODO: check
+CVE-2014-4268 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4267
- RESERVED
-CVE-2014-4266
- RESERVED
+CVE-2014-4267 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4266 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
NOTE: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/de40a32a44f5
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/c58a25d48388
-CVE-2014-4265
- RESERVED
+CVE-2014-4265 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4264
- RESERVED
+CVE-2014-4264 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/c084492f9e3d
-CVE-2014-4263
- RESERVED
+CVE-2014-4263 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4262
- RESERVED
+CVE-2014-4262 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4261
- RESERVED
+CVE-2014-4261 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox <not-affected> (Only applies if VBox is running on Windows)
- virtualbox-ose <not-affected> (Only applies if VBox is running on Windows)
-CVE-2014-4260
- RESERVED
+CVE-2014-4260 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <unfixed> (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 <unfixed> (bug #754940)
- percona-xtradb-cluster-5.5 <unfixed>
CVE-2014-4259
RESERVED
-CVE-2014-4258
- RESERVED
+CVE-2014-4258 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <unfixed> (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 <unfixed> (bug #754940)
- percona-xtradb-cluster-5.5 <unfixed>
-CVE-2014-4257
- RESERVED
-CVE-2014-4256
- RESERVED
-CVE-2014-4255
- RESERVED
-CVE-2014-4254
- RESERVED
-CVE-2014-4253
- RESERVED
-CVE-2014-4252
- RESERVED
+CVE-2014-4257 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+ TODO: check
+CVE-2014-4256 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4255 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4254 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4253 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4252 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4251
- RESERVED
-CVE-2014-4250
- RESERVED
-CVE-2014-4249
- RESERVED
-CVE-2014-4248
- RESERVED
-CVE-2014-4247
- RESERVED
+CVE-2014-4251 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+ TODO: check
+CVE-2014-4250 (Unspecified vulnerability in the Siebel Core - Server OM Frwks ...)
+ TODO: check
+CVE-2014-4249 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+ TODO: check
+CVE-2014-4248 (Unspecified vulnerability in the Oracle Application Object Library ...)
+ TODO: check
+CVE-2014-4247 (Unspecified vulnerability in Oracle Java SE 8u5 allows remote ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-4246
- RESERVED
-CVE-2014-4245
- RESERVED
-CVE-2014-4244
- RESERVED
+CVE-2014-4246 (Unspecified vulnerability in the Hyperion Analytic Provider Services ...)
+ TODO: check
+CVE-2014-4245 (Unspecified vulnerability in the RDBMS Core component in Oracle ...)
+ TODO: check
+CVE-2014-4244 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4243
- RESERVED
+CVE-2014-4243 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <unfixed> (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 <unfixed> (bug #754940)
- percona-xtradb-cluster-5.5 <unfixed>
-CVE-2014-4242
- RESERVED
-CVE-2014-4241
- RESERVED
-CVE-2014-4240
- RESERVED
+CVE-2014-4242 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4241 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4240 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4239
- RESERVED
-CVE-2014-4238
- RESERVED
+CVE-2014-4239 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 ...)
+ TODO: check
+CVE-2014-4238 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4237
- RESERVED
-CVE-2014-4236
- RESERVED
-CVE-2014-4235
- RESERVED
-CVE-2014-4234
- RESERVED
-CVE-2014-4233
- RESERVED
+CVE-2014-4237 (Unspecified vulnerability in the RDBMS Core component in Oracle ...)
+ TODO: check
+CVE-2014-4236 (Unspecified vulnerability in the RDBMS Core component in Oracle ...)
+ TODO: check
+CVE-2014-4235 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+ TODO: check
+CVE-2014-4234 (Unspecified vulnerability in the Oracle Transportation Management ...)
+ TODO: check
+CVE-2014-4233 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4232
- RESERVED
-CVE-2014-4231
- RESERVED
-CVE-2014-4230
- RESERVED
-CVE-2014-4229
- RESERVED
-CVE-2014-4228
- RESERVED
+CVE-2014-4232 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) ...)
+ TODO: check
+CVE-2014-4231 (Unspecified vulnerability in the Siebel Travel & Transportation ...)
+ TODO: check
+CVE-2014-4230 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+ TODO: check
+CVE-2014-4229 (Unspecified vulnerability in the Oracle Transportation Management ...)
+ TODO: check
+CVE-2014-4228 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.12-dfsg-1 (bug #754939)
- virtualbox-ose <not-affected> (Only affects 4.1 and later)
-CVE-2014-4227
- RESERVED
+CVE-2014-4227 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4226
- RESERVED
-CVE-2014-4225
- RESERVED
-CVE-2014-4224
- RESERVED
-CVE-2014-4223
- RESERVED
+CVE-2014-4226 (Unspecified vulnerability in the PeopleSoft Enterprise FIN Install ...)
+ TODO: check
+CVE-2014-4225 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+ TODO: check
+CVE-2014-4224 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 ...)
+ TODO: check
+CVE-2014-4223 (Unspecified vulnerability in Oracle Java SE 7u60 allows remote ...)
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/84bce1b3d28a
-CVE-2014-4222
- RESERVED
-CVE-2014-4221
- RESERVED
+CVE-2014-4222 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+ TODO: check
+CVE-2014-4221 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/bac16c82c14a
-CVE-2014-4220
- RESERVED
+CVE-2014-4220 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4219
- RESERVED
+CVE-2014-4219 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4218
- RESERVED
+CVE-2014-4218 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4217
- RESERVED
-CVE-2014-4216
- RESERVED
+CVE-2014-4217 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4216 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4215
- RESERVED
-CVE-2014-4214
- RESERVED
+CVE-2014-4215 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local ...)
+ TODO: check
+CVE-2014-4214 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4213
- RESERVED
-CVE-2014-4212
- RESERVED
-CVE-2014-4211
- RESERVED
-CVE-2014-4210
- RESERVED
-CVE-2014-4209
- RESERVED
+CVE-2014-4213 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+ TODO: check
+CVE-2014-4212 (Unspecified vulnerability in the Oracle Fusion Middleware component in ...)
+ TODO: check
+CVE-2014-4211 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+ TODO: check
+CVE-2014-4210 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4209 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4208
- RESERVED
+CVE-2014-4208 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4207
- RESERVED
+CVE-2014-4207 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <unfixed> (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 <unfixed> (bug #754940)
- percona-xtradb-cluster-5.5 <unfixed>
-CVE-2014-4206
- RESERVED
-CVE-2014-4205
- RESERVED
-CVE-2014-4204
- RESERVED
-CVE-2014-4203
- RESERVED
-CVE-2014-4202
- RESERVED
-CVE-2014-4201
- RESERVED
+CVE-2014-4206 (Unspecified vulnerability in the Hyperion Enterprise Performance ...)
+ TODO: check
+CVE-2014-4205 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+ TODO: check
+CVE-2014-4204 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+ TODO: check
+CVE-2014-4203 (Unspecified vulnerability in the Hyperion Enterprise Performance ...)
+ TODO: check
+CVE-2014-4202 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-4201 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
CVE-2014-4200
RESERVED
CVE-2014-4199
@@ -1884,8 +1899,8 @@
RESERVED
CVE-2014-4155 (Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 ...)
NOT-FOR-US: ZTE router
-CVE-2014-4154
- RESERVED
+CVE-2014-4154 (ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores ...)
+ TODO: check
CVE-2014-4153 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows ...)
NOT-FOR-US: AlienVault OSSIM
CVE-2014-4152 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows ...)
@@ -2137,8 +2152,8 @@
- xen <not-affected> (Only 32- and 64-bit ARM systems from Xen 4.4 onwards)
CVE-2014-4019
RESERVED
-CVE-2014-4018
- RESERVED
+CVE-2014-4018 (The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a ...)
+ TODO: check
CVE-2010-5301 (Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to ...)
NOT-FOR-US: Kolibri
CVE-2010-5300 (Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows ...)
@@ -2791,8 +2806,8 @@
RESERVED
CVE-2014-3778 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: ARRIS modem
-CVE-2014-3777
- RESERVED
+CVE-2014-3777 (Directory traversal vulnerability in Reportico PHP Report Designer ...)
+ TODO: check
CVE-2014-3770
RESERVED
CVE-2014-3769
@@ -3667,8 +3682,8 @@
NOTE: https://github.com/ipython/ipython/pull/4845
CVE-2014-3428 (Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with ...)
NOT-FOR-US: Yealink VoIP Phones
-CVE-2014-3427
- RESERVED
+CVE-2014-3427 (CRLF injection vulnerability in Yealink VoIP Phones with firmware ...)
+ TODO: check
CVE-2014-3420
RESERVED
CVE-2014-3419 (Infoblox NetMRI before 6.8.5 has a default password of admin for the ...)
@@ -6044,69 +6059,61 @@
[squeeze] - libgd2 <no-dsa> (Minor issue)
[wheezy] - libgd2 <no-dsa> (Minor issue)
NOTE: http://net-ninja-mr.me/2014/03/14/php-gd-v5-4-17-2-color-visual-null-pointer-dereference/
-CVE-2014-2496
- RESERVED
-CVE-2014-2495
- RESERVED
-CVE-2014-2494
- RESERVED
+CVE-2014-2496 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+ TODO: check
+CVE-2014-2495 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing ...)
+ TODO: check
+CVE-2014-2494 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <unfixed> (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 <unfixed> (bug #754940)
- percona-xtradb-cluster-5.5 <unfixed>
-CVE-2014-2493
- RESERVED
-CVE-2014-2492
- RESERVED
-CVE-2014-2491
- RESERVED
-CVE-2014-2490
- RESERVED
+CVE-2014-2493 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+ TODO: check
+CVE-2014-2492 (Unspecified vulnerability in the Oracle Agile Product Collaboration ...)
+ TODO: check
+CVE-2014-2491 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+ TODO: check
+CVE-2014-2490 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+ {DSA-2980-1}
- openjdk-6 6b32-1.13.4-1
NOTE: http://hg.openjdk.java.net/jdk6/jdk6/hotspot/rev/dd7d490e72af
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/02f12a9d5aec
-CVE-2014-2489
- RESERVED
+CVE-2014-2489 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.12-dfsg-1 (bug #754939)
- virtualbox-ose <removed>
-CVE-2014-2488
- RESERVED
+CVE-2014-2488 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.12-dfsg-1 (bug #754939)
- virtualbox-ose <removed>
-CVE-2014-2487
- RESERVED
+CVE-2014-2487 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox <not-affected> (Only applies if VBox is running on Windows)
- virtualbox-ose <not-affected> (Only applies if VBox is running on Windows)
-CVE-2014-2486
- RESERVED
+CVE-2014-2486 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.12-dfsg-1 (bug #754939)
- virtualbox-ose <removed>
-CVE-2014-2485
- RESERVED
-CVE-2014-2484
- RESERVED
+CVE-2014-2485 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+ TODO: check
+CVE-2014-2484 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-2483
- RESERVED
+CVE-2014-2483 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
- openjdk-6 <not-affected> (vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003
-CVE-2014-2482
- RESERVED
-CVE-2014-2481
- RESERVED
-CVE-2014-2480
- RESERVED
-CVE-2014-2479
- RESERVED
+CVE-2014-2482 (Unspecified vulnerability in the Oracle Concurrent Processing ...)
+ TODO: check
+CVE-2014-2481 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-2480 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2014-2479 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
CVE-2014-2478
RESERVED
-CVE-2014-2477
- RESERVED
+CVE-2014-2477 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.12-dfsg-1 (bug #754939)
- virtualbox-ose <not-affected> (Only affects 4.0 and later)
CVE-2014-2476
@@ -6150,8 +6157,8 @@
NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2457 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2456
- RESERVED
+CVE-2014-2456 (Unspecified vulnerability in the PeopleSoft Enterprise ELS Enterprise ...)
+ TODO: check
CVE-2014-2455 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
NOT-FOR-US: Oracle Hyperion
CVE-2014-2454 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
@@ -11094,9 +11101,11 @@
CVE-2013-7178
RESERVED
CVE-2013-7177 (config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban ...)
+ {DSA-2979-1}
- fail2ban 0.8.11-1
NOTE: https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087
CVE-2013-7176 (config/filter.d/postfix.conf in the postfix filter in Fail2ban before ...)
+ {DSA-2979-1}
- fail2ban 0.8.11-1
CVE-2013-7175 (Multiple SQL injection vulnerabilities in Avanset Visual CertExam ...)
NOT-FOR-US: Avanset Visual CertExam Manager
@@ -11252,8 +11261,8 @@
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0436
- RESERVED
+CVE-2014-0436 (Unspecified vulnerability in the Hyperion BI+ component in Oracle ...)
+ TODO: check
CVE-2014-0435 (Unspecified vulnerability in the Oracle Transportation Management ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-0434 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
@@ -16014,8 +16023,7 @@
NOT-FOR-US: Oracle Industry Applications
CVE-2013-5856 (Unspecified vulnerability in the Oracle Health Sciences InForm ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-5855
- RESERVED
+CVE-2013-5855 (Oracle Mojarra 2.2.x before 2.2.6 and 2.1.x before 2.1.28 does not ...)
- mojarra <unfixed> (low; bug #740586)
[squeeze] - mojarra <no-dsa> (Minor issue)
[wheezy] - mojarra <no-dsa> (Minor issue)
@@ -16288,8 +16296,8 @@
RESERVED
CVE-2013-5756
RESERVED
-CVE-2013-5755
- RESERVED
+CVE-2013-5755 (config/.htpasswd in Yealink IP Phone SIP-T38G have a hardcoded ...)
+ TODO: check
CVE-2013-5754 (The authorization implementation on Dahua DVR appliances accepts a ...)
NOT-FOR-US: Dahua DVR
CVE-2013-5753
More information about the Secure-testing-commits
mailing list