[Secure-testing-commits] r27316 - data/CVE
Helmut Grohne
helmutg at moszumanska.debian.org
Tue Jun 17 05:45:33 UTC 2014
Author: helmutg
Date: 2014-06-17 05:45:33 +0000 (Tue, 17 Jun 2014)
New Revision: 27316
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-17 05:35:26 UTC (rev 27315)
+++ data/CVE/list 2014-06-17 05:45:33 UTC (rev 27316)
@@ -202,13 +202,13 @@
CVE-2014-3936 (Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi ...)
NOT-FOR-US: D-Link
CVE-2014-3935 (SQL injection vulnerability in glossaire-aff.php in the Glossaire ...)
- TODO: check
+ NOT-FOR-US: XOOPS module Glossaire
CVE-2014-3934 (SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 ...)
NOT-FOR-US: PHP-Nuke
CVE-2014-3933 (Cross-site scripting (XSS) vulnerability in the address components ...)
NOT-FOR-US: Drupal module AddressField Tokens
CVE-2014-3932 (SQL injection vulnerability in the device registration component in ...)
- TODO: check
+ NOT-FOR-US: CoSoSys Endpoint Protector
CVE-2014-3931
RESERVED
CVE-2014-3930
@@ -230,7 +230,7 @@
CVE-2014-3921 (Cross-site scripting (XSS) vulnerability in popup.php in the Simple ...)
NOT-FOR-US: WordPress plugin Simple Popup Images
CVE-2013-7387 (Session fixation vulnerability in DataLife Engine (DLE) 9.7 and ...)
- TODO: check
+ NOT-FOR-US: DataLife Engine
CVE-2011-5280 (Multiple stack-based buffer overflows in BOINC 6.13.x allow remote ...)
TODO: check
CVE-2014-3969 (Xen 4.4.x, when running on an ARM system, does not properly check ...)
@@ -575,13 +575,13 @@
CVE-2014-3794
RESERVED
CVE-2014-3793 (VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2014-3792 (Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 ...)
NOT-FOR-US: Beetel Router
CVE-2014-3791 (Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 ...)
NOT-FOR-US: Easy File Sharing
CVE-2014-3790 (Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows ...)
- TODO: check
+ NOT-FOR-US: VMware vCenter Server Appliance
CVE-2014-3789 (GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before ...)
NOT-FOR-US: Cogent DataHub
CVE-2014-3788 (Heap-based buffer overflow in the Web Server in Cogent Real-Time ...)
@@ -1690,7 +1690,7 @@
CVE-2014-3281 (The web framework in VOSS in Cisco Unified Communications Domain ...)
TODO: check
CVE-2014-3280 (The web framework in VOSS in Cisco Unified Communications Domain ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Domain Manager
CVE-2014-3279 (The Administration GUI in the web framework in VOSS in Cisco Unified ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
CVE-2014-3278 (The web framework in VOSS in Cisco Unified Communications Domain ...)
@@ -2490,7 +2490,7 @@
CVE-2014-2960
RESERVED
CVE-2014-2959 (logViewer.htm on the Dell ML6000 tape backup system with firmware ...)
- TODO: check
+ NOT-FOR-US: Quantum Scalar
CVE-2014-2958
RESERVED
CVE-2014-2957
@@ -2521,7 +2521,7 @@
CVE-2014-2947 (Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM ...)
NOT-FOR-US: Bizagi BPM
CVE-2014-2946 (Cross-site request forgery (CSRF) vulnerability in api/sms/send-sms in ...)
- TODO: check
+ NOT-FOR-US: Huawei device
CVE-2014-2945
RESERVED
CVE-2014-2944
@@ -2535,7 +2535,7 @@
CVE-2014-2940
RESERVED
CVE-2014-2939 (Multiple cross-site scripting (XSS) vulnerabilities in Alfresco ...)
- TODO: check
+ NOT-FOR-US: Alfresco
CVE-2014-2938 (Hanvon FaceID before 1.007.110 does not require authentication, which ...)
NOT-FOR-US: Hanvon FaceID
CVE-2014-2937
@@ -21747,7 +21747,7 @@
CVE-2013-2711
RESERVED
CVE-2013-2710 (Cross-site request forgery (CSRF) vulnerability in the Contextual ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Contextual Related Posts
CVE-2013-2709 (Cross-site request forgery (CSRF) vulnerability in the FourSquare ...)
NOT-FOR-US: WordPress plugin FourSquare Checkins
CVE-2013-2708 (Cross-site request forgery (CSRF) vulnerability in the Content Slide ...)
More information about the Secure-testing-commits
mailing list