[Secure-testing-commits] r27356 - data/CVE
Raphael Geissert
geissert at moszumanska.debian.org
Wed Jun 18 21:20:38 UTC 2014
Author: geissert
Date: 2014-06-18 21:20:38 +0000 (Wed, 18 Jun 2014)
New Revision: 27356
Modified:
data/CVE/list
Log:
some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-18 19:47:22 UTC (rev 27355)
+++ data/CVE/list 2014-06-18 21:20:38 UTC (rev 27356)
@@ -7,13 +7,13 @@
CVE-2014-4191 (The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C ...)
TODO: check
CVE-2014-4190 (Multiple heap-based buffer overflows in Huawei Campus Series Switches ...)
- TODO: check
+ NOT-FOR-US: Huawei Campus Series Switches
CVE-2014-4189 (Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager ...)
- TODO: check
+ NOT-FOR-US: Hitachi Tuning Manager
CVE-2014-4188 (Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning ...)
- TODO: check
+ NOT-FOR-US: Hitachi Tuning Manager
CVE-2014-4187 (Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket ...)
- TODO: check
+ NOT-FOR-US: ClipBucket
CVE-2014-4186
RESERVED
CVE-2014-4185
@@ -58,17 +58,17 @@
CVE-2014-4165 (Cross-site scripting (XSS) vulnerability in ntop allows remote ...)
- ntop <unfixed> (bug #751946)
CVE-2014-4164 (Cross-site scripting (XSS) vulnerability in AlogoSec FireFlow 6.3-b230 ...)
- TODO: check
+ NOT-FOR-US: AlogoSec FireFlow
CVE-2014-4163 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
TODO: check
CVE-2014-4162 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: Zyxel P-660HW-T1 wireless
CVE-2014-4161 (Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP ...)
- TODO: check
+ NOT-FOR-US: SAP Supplier Relationship Management
CVE-2014-4160 (Multiple cross-site scripting (XSS) vulnerabilities in the testcanvas ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver Business Client
CVE-2014-4159 (Open redirect vulnerability in SAP Supplier Relationship Management ...)
- TODO: check
+ NOT-FOR-US: SAP Supplier Relationship Management
CVE-2014-4158 (Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to ...)
TODO: check
CVE-2014-4156
@@ -296,13 +296,13 @@
CVE-2014-4036 (Cross-site scripting (XSS) vulnerability in modules/system/admin.php ...)
TODO: check
CVE-2014-4035 (Cross-site scripting (XSS) vulnerability in booking_details.php in ...)
- TODO: check
+ NOT-FOR-US: Advance Hotel Booking System
CVE-2014-4034 (SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 ...)
- TODO: check
+ NOT-FOR-US: ZeroCMS
CVE-2014-4033 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Epignosis eFront
CVE-2014-4032 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Fiyo CMS
CVE-2014-4031
RESERVED
CVE-2014-4030
@@ -480,9 +480,9 @@
CVE-2014-3978
RESERVED
CVE-2014-3977 (libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2014-3976 (Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) ...)
- TODO: check
+ NOT-FOR-US: A10 Networks Advanced Core Operating System
CVE-2014-3975 (Absolute path traversal vulnerability in filemanager.php in AuraCMS ...)
NOT-FOR-US: AuraCMS
CVE-2014-3974 (Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS ...)
@@ -621,11 +621,11 @@
CVE-2014-3914
RESERVED
CVE-2014-3913 (Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow ...)
- TODO: check
+ NOT-FOR-US: Ericom AccessNow Server
CVE-2014-3912 (Stack-based buffer overflow in the FindConfigChildeKeyList method in ...)
- TODO: check
+ NOT-FOR-US: Samsung iPOLiS Device Manager
CVE-2014-3911 (Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Samsung iPOLiS Device Manager
CVE-2014-3910
RESERVED
CVE-2014-3909
@@ -881,11 +881,11 @@
CVE-2014-3815
RESERVED
CVE-2014-3814 (The Juniper Networks NetScreen Firewall devices with ScreenOS before ...)
- TODO: check
+ NOT-FOR-US: Juniper Networks NetScreen Firewall
CVE-2014-3813 (Unspecified vulnerability in the Juniper Networks NetScreen Firewall ...)
- TODO: check
+ NOT-FOR-US: Juniper Networks NetScreen Firewall
CVE-2014-3812 (The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with ...)
- TODO: check
+ NOT-FOR-US: Juniper Junos Pulse Secure Access Service
CVE-2014-3811
RESERVED
CVE-2014-3810
@@ -1751,7 +1751,7 @@
CVE-2014-3429
RESERVED
CVE-2014-3428 (Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with ...)
- TODO: check
+ NOT-FOR-US: Yealink VoIP Phones
CVE-2014-3427
RESERVED
CVE-2014-3420
@@ -2005,17 +2005,17 @@
CVE-2014-3296
RESERVED
CVE-2014-3295 (The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows ...)
- TODO: check
+ NOT-FOR-US: Cisco NX-OS
CVE-2014-3294 (Cisco WebEx Meeting Server does not properly restrict the content of ...)
- TODO: check
+ NOT-FOR-US: Cisco WebEx Meeting Server
CVE-2014-3293
RESERVED
CVE-2014-3292 (The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2014-3291 (Cisco Wireless LAN Controller (WLC) devices allow remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2014-3290 (The mDNS implementation in Cisco IOS XE 3.12S does not properly ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS XE
CVE-2014-3289 (Cross-site scripting (XSS) vulnerability in the web management ...)
TODO: check
CVE-2014-3288
More information about the Secure-testing-commits
mailing list