[Secure-testing-commits] r26850 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Wed May 7 07:14:41 UTC 2014
Author: fgeek-guest
Date: 2014-05-07 07:14:41 +0000 (Wed, 07 May 2014)
New Revision: 26850
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-07 07:08:50 UTC (rev 26849)
+++ data/CVE/list 2014-05-07 07:14:41 UTC (rev 26850)
@@ -167,25 +167,25 @@
CVE-2014-3140
RESERVED
CVE-2014-3139 (recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 ...)
- TODO: check
+ NOT-FOR-US: Unitrends Enterprise Backup
CVE-2014-3138 (SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 ...)
- TODO: check
+ NOT-FOR-US: Xerox DocuShare
CVE-2014-3136
RESERVED
CVE-2014-3135 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2014-3134 (Cross-site scripting (XSS) vulnerability in the InfoView application ...)
- TODO: check
+ NOT-FOR-US: SAP BusinessObjects
CVE-2014-3133 (SAP Netweaver Java Application Server does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver
CVE-2014-3132 (SAP Background Processing does not properly restrict access, which ...)
- TODO: check
+ NOT-FOR-US: SAP Background Processing
CVE-2014-3131 (SAP Profile Maintenance does not properly restrict access, which ...)
- TODO: check
+ NOT-FOR-US: SAP Solution Manager
CVE-2014-3130 (The ABAP Help documentation and translation tools (BC-DOC-HLP) in ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver
CVE-2014-3129 (The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver
CVE-2014-3209 [ldnsutils: ldns-keygen creates private key world readable]
RESERVED
- ldns <unfixed> (low; bug #746758)
@@ -459,7 +459,7 @@
- python-imaging <removed>
NOTE: details what is covered exactly by this CVE relating to CVE-2014-1932 and CVE-2014-1933 is missing
CVE-2014-3006 (Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when ...)
- TODO: check
+ NOT-FOR-US: Sitepark Information Enterprise Server
CVE-2014-3005
RESERVED
CVE-2014-3004
@@ -1343,9 +1343,9 @@
NOT-FOR-US: Papercut MF/NG
NOTE: This is not the papercut NNTP server.
CVE-2014-2658 (Unspecified vulnerability in Papercut MF and NG before 14.1 (Build ...)
- TODO: check
+ NOT-FOR-US: PaperCut MF
CVE-2014-2657 (Unspecified vulnerability in the print release functionality in ...)
- TODO: check
+ NOT-FOR-US: PaperCut MF
CVE-2014-2654 (Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and ...)
NOT-FOR-US: MobFox mAdserve
CVE-2013-7346 (Cross-site request forgery (CSRF) vulnerability in Symphony CMS before ...)
@@ -1587,7 +1587,7 @@
CVE-2014-2566
RESERVED
CVE-2014-2565 (The commandline interface in Blue Coat Content Analysis System (CAS) ...)
- TODO: check
+ NOT-FOR-US: Blue Coat Content Analysis System
CVE-2014-2564
RESERVED
CVE-2014-2563
@@ -5583,7 +5583,7 @@
CVE-2014-0897
RESERVED
CVE-2014-0896 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-0895 (Buffer overflow in the vsflex8l ActiveX control in IBM SPSS ...)
NOT-FOR-US: IBM SPSS
CVE-2014-0894
@@ -5657,11 +5657,11 @@
CVE-2014-0860
RESERVED
CVE-2014-0859 (The web-server plugin in IBM WebSphere Application Server (WAS) 7.x ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-0858 (IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote ...)
NOT-FOR-US: IBM Content Navigator
CVE-2014-0857 (The Administrative Console in IBM WebSphere Application Server (WAS) ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-0856
RESERVED
CVE-2014-0855 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections ...)
@@ -5729,7 +5729,7 @@
CVE-2014-0824
RESERVED
CVE-2014-0823 (IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-0822 (The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x ...)
NOT-FOR-US: IBM Domino
CVE-2014-0821 (SQL injection vulnerability in the download feature in Cybozu Garoon ...)
@@ -5872,7 +5872,7 @@
CVE-2014-0787 (Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 ...)
NOT-FOR-US: WellinTech KingSCADA
CVE-2014-0786 (Ecava IntegraXor before 4.1.4393 allows remote attackers to read ...)
- TODO: check
+ NOT-FOR-US: Ecava IntegraXor
CVE-2014-0785
RESERVED
CVE-2014-0784 (Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 ...)
@@ -6153,7 +6153,7 @@
CVE-2014-0647 (The Starbucks 2.6.1 application for iOS stores sensitive information ...)
NOT-FOR-US: Starbucks iOS application
CVE-2014-0646 (The runtime WS component in the server in EMC RSA Access Manager 6.1.3 ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2014-0645 (EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File ...)
NOT-FOR-US: EMC
CVE-2014-0644 (EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote ...)
More information about the Secure-testing-commits
mailing list