[Secure-testing-commits] r29828 - data/CVE
Federico Ceratto
federico-guest at moszumanska.debian.org
Tue Nov 4 12:08:01 UTC 2014
Author: federico-guest
Date: 2014-11-04 12:08:01 +0000 (Tue, 04 Nov 2014)
New Revision: 29828
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-04 11:48:56 UTC (rev 29827)
+++ data/CVE/list 2014-11-04 12:08:01 UTC (rev 29828)
@@ -79,9 +79,9 @@
CVE-2014-8507
RESERVED
CVE-2014-8506 (Multiple SQL injection vulnerabilities in Etiko CMS allow remote ...)
- TODO: check
+ NOT-FOR-US: Etiko CMS
CVE-2014-8505 (Multiple cross-site scripting (XSS) vulnerabilities in Etiko CMS allow ...)
- TODO: check
+ NOT-FOR-US: Etiko CMS
CVE-2014-8504
RESERVED
- binutils <unfixed>
@@ -208,7 +208,7 @@
CVE-2014-8469
RESERVED
CVE-2013-7408 (F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP Analytics
CVE-2014-XXXX [unsafe use of flag file in /tmp]
- kexec-tools <unfixed> (bug #766772)
[wheezy] - kexec-tools <no-dsa> (Minor issue)
@@ -421,7 +421,7 @@
CVE-2014-8382
RESERVED
CVE-2014-8381 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Megapolis.Portal Manager
CVE-2014-8380 (Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote ...)
NOT-FOR-US: Splunk
CVE-2014-8379 (Multiple cross-site scripting (XSS) vulnerabilities in the Marketo MA ...)
@@ -496,7 +496,7 @@
CVE-2014-8347
RESERVED
CVE-2014-8346 (The Remote Controls feature on Samsung mobile devices does not ...)
- TODO: check
+ NOT-FOR-US: Samsung mobile devices
CVE-2014-8345
RESERVED
CVE-2014-8344
@@ -2747,7 +2747,7 @@
CVE-2014-7299 (Unspecified vulnerability in administrative interfaces in ArubaOS ...)
NOT-FOR-US: Aruba ArubaOS
CVE-2014-7298 (adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify ...)
- TODO: check
+ NOT-FOR-US: Centrify
CVE-2014-7297 (Unspecified vulnerability in the folder framework in the Enfold theme ...)
NOT-FOR-US: folder framework in the Enfold theme for WordPress
CVE-2014-7296 (The default configuration in the accessibility engine in SpagoBI 5.0.0 ...)
@@ -2757,7 +2757,7 @@
CVE-2014-7293
RESERVED
CVE-2014-7292 (Open redirect vulnerability in the Click-Through feature in ...)
- TODO: check
+ NOT-FOR-US: Newtelligence dasBlog
CVE-2014-7291
RESERVED
CVE-2014-7290
@@ -2775,7 +2775,7 @@
CVE-2014-7282
RESERVED
CVE-2014-7281 (Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda ...)
- TODO: check
+ NOT-FOR-US: Tenda A32 Router
CVE-2014-7280 (Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 ...)
NOT-FOR-US: Nessus Web UI
CVE-2014-7279
@@ -4199,7 +4199,7 @@
CVE-2014-6636 (The LG Telepresence (aka com.rsupport.rtc.lge) application 2.0.12 ...)
NOT-FOR-US: LG Telepresence (aka com.rsupport.rtc.lge) application for Android
CVE-2014-6635 (Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.0 allows ...)
- TODO: check
+ NOT-FOR-US: Exponent CMS
CVE-2014-6634
RESERVED
CVE-2014-6633
@@ -4250,7 +4250,7 @@
CVE-2014-6612
RESERVED
CVE-2014-6611 (The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, ...)
- TODO: check
+ NOT-FOR-US: BlackBerry
CVE-2014-6609
RESERVED
CVE-2014-6608
@@ -10408,7 +10408,7 @@
CVE-2014-4024
RESERVED
CVE-2014-4023 (Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2014-4022 (The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, ...)
- xen <not-affected> (Only 32- and 64-bit ARM systems from Xen 4.4 onwards)
CVE-2014-4019
@@ -12322,7 +12322,7 @@
CVE-2014-3410
RESERVED
CVE-2014-3409 (The Ethernet Connectivity Fault Management (CFM) handling feature in ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2014-3408 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco Prime Optical
CVE-2014-3407
@@ -12554,7 +12554,7 @@
CVE-2014-3294 (Cisco WebEx Meeting Server does not properly restrict the content of ...)
NOT-FOR-US: Cisco WebEx Meeting Server
CVE-2014-3293 (Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2014-3292 (The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2014-3291 (Cisco Wireless LAN Controller (WLC) devices allow remote attackers to ...)
@@ -13256,7 +13256,7 @@
CVE-2014-3052 (The reverse-proxy feature in IBM Security Access Manager (ISAM) for ...)
NOT-FOR-US: IBM ISAM
CVE-2014-3051 (The Internet Service Monitor (ISM) agent in IBM Tivoli Composite ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli
CVE-2014-3050 (IBM Rational Team Concert (RTC) 3.x before 3.0.1.6 IF3 and 4.x before ...)
NOT-FOR-US: IBM Rational Team Concert
CVE-2014-3049
@@ -19502,7 +19502,7 @@
CVE-2014-0620 (Multiple cross-site scripting (XSS) vulnerabilities in Technicolor ...)
NOT-FOR-US: Technicolor TC7200 STD6.01.12
CVE-2014-0619 (Untrusted search path vulnerability in Hamster Free ZIP Archiver ...)
- TODO: check
+ NOT-FOR-US: Hamster Free ZIP Archiver
CVE-2014-0618 (Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R ...)
NOT-FOR-US: SRX Services Gateways
CVE-2014-0617 (Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before ...)
@@ -22601,7 +22601,7 @@
CVE-2013-6797 (Cross-site request forgery (CSRF) vulnerability in ...)
NOT-FOR-US: Wordpress plugin
CVE-2013-6796 (The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: DeepOfix
CVE-2013-6795 (The Updater in Rackspace Openstack Windows Guest Agent for XenServer ...)
NOT-FOR-US: Rackspace Windows Agent and Updater
CVE-2013-6794 (Cross-site scripting (XSS) vulnerability in the Calendar module in ...)
More information about the Secure-testing-commits
mailing list