[Secure-testing-commits] r29770 - data/CVE
Helmut Grohne
helmutg at moszumanska.debian.org
Fri Oct 31 17:46:22 UTC 2014
Author: helmutg
Date: 2014-10-31 17:46:22 +0000 (Fri, 31 Oct 2014)
New Revision: 29770
Modified:
data/CVE/list
Log:
misc NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-31 16:28:29 UTC (rev 29769)
+++ data/CVE/list 2014-10-31 17:46:22 UTC (rev 29770)
@@ -3139,7 +3139,7 @@
CVE-2014-7146
RESERVED
CVE-2014-7140 (Unspecified vulnerability in the management interface in Citrix ...)
- TODO: check
+ NOT-FOR-US: Citrix NetScaler
CVE-2014-7139 (Multiple cross-site scripting (XSS) vulnerabilities in the Contact ...)
NOT-FOR-US: WordPress plugin Contact Form DB
CVE-2014-7138 (Cross-site scripting (XSS) vulnerability in the Google Calendar Events ...)
@@ -6804,7 +6804,7 @@
CVE-2014-5256 (Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider ...)
- nodejs <unfixed> (bug #760385)
CVE-2014-7402 (The SK encar (aka com.encardirect.app) application @7F050000 for ...)
- TODO: check
+ NOT-FOR-US: SK encar (aka com.encardirect.app) application for Android
CVE-2013-7402
RESERVED
- c-icap 1:0.3.1-1
@@ -7274,9 +7274,9 @@
CVE-2014-5277
RESERVED
CVE-2014-5276 (Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms ...)
- TODO: check
+ NOT-FOR-US: Pro Chat Rooms
CVE-2014-5275 (Multiple SQL injection vulnerabilities in includes/functions.php in ...)
- TODO: check
+ NOT-FOR-US: Pro Chat Rooms
CVE-2014-5264
RESERVED
CVE-2014-5259 (Cross-site scripting (XSS) vulnerability in cattranslate.php in the ...)
@@ -7817,7 +7817,7 @@
CVE-2014-5099
RESERVED
CVE-2014-5098 (Cross-site scripting (XSS) vulnerability in the Search module before ...)
- TODO: check
+ NOT-FOR-US: Jamroom Search module
CVE-2014-5097 (Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR ...)
NOT-FOR-US: ArticleFR
CVE-2014-5096
@@ -7825,7 +7825,7 @@
CVE-2014-5095
RESERVED
CVE-2014-5094 (Status2k allows remote attackers to obtain configuration information ...)
- TODO: check
+ NOT-FOR-US: Status2k
CVE-2014-5093
RESERVED
CVE-2014-5092
@@ -7977,9 +7977,9 @@
CVE-2014-5007
RESERVED
CVE-2014-5006 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
- TODO: check
+ NOT-FOR-US: ZOHO ManageEngine
CVE-2014-5005 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
- TODO: check
+ NOT-FOR-US: ZOHO ManageEngine
CVE-2013-7393 (The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local ...)
- subversion 1.8.5-1 (unimportant)
NOTE: Optional admin-side utilities in Subversion 1.8.x
@@ -9117,7 +9117,7 @@
CVE-2014-4578 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: WordPress plugin WP App Maker
CVE-2014-4577 (Absolute path traversal vulnerability in reviews.php in the WP AmASIN ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin WP AmASIN - The Amazon Affiliate Shop
CVE-2014-4576 (Cross-site scripting (XSS) vulnerability in services/diagnostics.php ...)
NOT-FOR-US: WordPress plugin WordPress Social Login
CVE-2014-4575 (Cross-site scripting (XSS) vulnerability in js/window.php in the ...)
@@ -9237,13 +9237,13 @@
CVE-2014-4518 (Cross-site scripting (XSS) vulnerability in xd_resize.php in the ...)
NOT-FOR-US: WordPress plugin Contact Form by ContactMe.com
CVE-2014-4517 (Cross-site scripting (XSS) vulnerability in getNetworkSites.php in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin CBI Referral Manager
CVE-2014-4516 (Cross-site scripting (XSS) vulnerability in bicm-carousel-preview.php ...)
NOT-FOR-US: WordPress plugin BIC Media Widget
CVE-2014-4515 (Cross-site scripting (XSS) vulnerability in mce_anyfont/dialog.php in ...)
NOT-FOR-US: WordPress plugin AnyFont
CVE-2014-4514 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Alipay plugin
CVE-2014-4513 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: WordPress plugin ActiveHelper LiveHelp Live Chat
CVE-2014-4512
@@ -15803,7 +15803,7 @@
CVE-2014-2082
RESERVED
CVE-2014-2081 (Multiple SQL injection vulnerabilities in the login in ...)
- TODO: check
+ NOT-FOR-US: Innovative vtls-Virtua
CVE-2014-2080 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: MODx Revolution
CVE-2014-2079 [File New sets inappropriate permissions in ACL enabled directories]
@@ -42987,9 +42987,9 @@
CVE-2012-5703 (The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers ...)
NOT-FOR-US: VMware ESXi
CVE-2012-5702 (Multiple cross-site scripting (XSS) vulnerabilities in dotProject ...)
- TODO: check
+ NOT-FOR-US: dotProject
CVE-2012-5701 (Multiple SQL injection vulnerabilities in dotProject before 2.1.7 ...)
- TODO: check
+ NOT-FOR-US: dotProject
CVE-2012-5700 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko ...)
NOT-FOR-US: Baby Gekko
CVE-2012-5699
@@ -42999,13 +42999,13 @@
CVE-2012-5979
REJECTED
CVE-2012-5697 (The btinstall installation script in Bulb Security Smartphone Pentest ...)
- TODO: check
+ NOT-FOR-US: Smartphone Pentest Framework
CVE-2012-5696 (Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not ...)
- TODO: check
+ NOT-FOR-US: Smartphone Pentest Framework
CVE-2012-5695 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb ...)
- TODO: check
+ NOT-FOR-US: Smartphone Pentest Framework
CVE-2012-5694 (Multiple SQL injection vulnerabilities in Bulb Security Smartphone ...)
- TODO: check
+ NOT-FOR-US: Smartphone Pentest Framework
CVE-2012-5693
RESERVED
CVE-2012-5692 (Unspecified vulnerability in admin/sources/base/core.php in Invision ...)
@@ -51725,7 +51725,7 @@
- python-crypto 2.6-1
NOTE: https://bugs.launchpad.net/pycrypto/+bug/985164
CVE-2012-2413 (Cross-site scripting (XSS) vulnerability in the ja_purity template for ...)
- TODO: check
+ NOT-FOR-US: Joomla template
CVE-2012-2412
RESERVED
CVE-2012-2411 (Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and ...)
More information about the Secure-testing-commits
mailing list