[Secure-testing-commits] r28903 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Thu Sep 18 21:14:13 UTC 2014
Author: joeyh
Date: 2014-09-18 21:14:13 +0000 (Thu, 18 Sep 2014)
New Revision: 28903
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-18 20:44:20 UTC (rev 28902)
+++ data/CVE/list 2014-09-18 21:14:13 UTC (rev 28903)
@@ -1,3 +1,403 @@
+CVE-2014-6601
+ RESERVED
+CVE-2014-6600
+ RESERVED
+CVE-2014-6599
+ RESERVED
+CVE-2014-6598
+ RESERVED
+CVE-2014-6597
+ RESERVED
+CVE-2014-6596
+ RESERVED
+CVE-2014-6595
+ RESERVED
+CVE-2014-6594
+ RESERVED
+CVE-2014-6593
+ RESERVED
+CVE-2014-6592
+ RESERVED
+CVE-2014-6591
+ RESERVED
+CVE-2014-6590
+ RESERVED
+CVE-2014-6589
+ RESERVED
+CVE-2014-6588
+ RESERVED
+CVE-2014-6587
+ RESERVED
+CVE-2014-6586
+ RESERVED
+CVE-2014-6585
+ RESERVED
+CVE-2014-6584
+ RESERVED
+CVE-2014-6583
+ RESERVED
+CVE-2014-6582
+ RESERVED
+CVE-2014-6581
+ RESERVED
+CVE-2014-6580
+ RESERVED
+CVE-2014-6579
+ RESERVED
+CVE-2014-6578
+ RESERVED
+CVE-2014-6577
+ RESERVED
+CVE-2014-6576
+ RESERVED
+CVE-2014-6575
+ RESERVED
+CVE-2014-6574
+ RESERVED
+CVE-2014-6573
+ RESERVED
+CVE-2014-6572
+ RESERVED
+CVE-2014-6571
+ RESERVED
+CVE-2014-6570
+ RESERVED
+CVE-2014-6569
+ RESERVED
+CVE-2014-6568
+ RESERVED
+CVE-2014-6567
+ RESERVED
+CVE-2014-6566
+ RESERVED
+CVE-2014-6565
+ RESERVED
+CVE-2014-6564
+ RESERVED
+CVE-2014-6563
+ RESERVED
+CVE-2014-6562
+ RESERVED
+CVE-2014-6561
+ RESERVED
+CVE-2014-6560
+ RESERVED
+CVE-2014-6559
+ RESERVED
+CVE-2014-6558
+ RESERVED
+CVE-2014-6557
+ RESERVED
+CVE-2014-6556
+ RESERVED
+CVE-2014-6555
+ RESERVED
+CVE-2014-6554
+ RESERVED
+CVE-2014-6553
+ RESERVED
+CVE-2014-6552
+ RESERVED
+CVE-2014-6551
+ RESERVED
+CVE-2014-6550
+ RESERVED
+CVE-2014-6549
+ RESERVED
+CVE-2014-6548
+ RESERVED
+CVE-2014-6547
+ RESERVED
+CVE-2014-6546
+ RESERVED
+CVE-2014-6545
+ RESERVED
+CVE-2014-6544
+ RESERVED
+CVE-2014-6543
+ RESERVED
+CVE-2014-6542
+ RESERVED
+CVE-2014-6541
+ RESERVED
+CVE-2014-6540
+ RESERVED
+CVE-2014-6539
+ RESERVED
+CVE-2014-6538
+ RESERVED
+CVE-2014-6537
+ RESERVED
+CVE-2014-6536
+ RESERVED
+CVE-2014-6535
+ RESERVED
+CVE-2014-6534
+ RESERVED
+CVE-2014-6533
+ RESERVED
+CVE-2014-6532
+ RESERVED
+CVE-2014-6531
+ RESERVED
+CVE-2014-6530
+ RESERVED
+CVE-2014-6529
+ RESERVED
+CVE-2014-6528
+ RESERVED
+CVE-2014-6527
+ RESERVED
+CVE-2014-6526
+ RESERVED
+CVE-2014-6525
+ RESERVED
+CVE-2014-6524
+ RESERVED
+CVE-2014-6523
+ RESERVED
+CVE-2014-6522
+ RESERVED
+CVE-2014-6521
+ RESERVED
+CVE-2014-6520
+ RESERVED
+CVE-2014-6519
+ RESERVED
+CVE-2014-6518
+ RESERVED
+CVE-2014-6517
+ RESERVED
+CVE-2014-6516
+ RESERVED
+CVE-2014-6515
+ RESERVED
+CVE-2014-6514
+ RESERVED
+CVE-2014-6513
+ RESERVED
+CVE-2014-6512
+ RESERVED
+CVE-2014-6511
+ RESERVED
+CVE-2014-6510
+ RESERVED
+CVE-2014-6509
+ RESERVED
+CVE-2014-6508
+ RESERVED
+CVE-2014-6507
+ RESERVED
+CVE-2014-6506
+ RESERVED
+CVE-2014-6505
+ RESERVED
+CVE-2014-6504
+ RESERVED
+CVE-2014-6503
+ RESERVED
+CVE-2014-6502
+ RESERVED
+CVE-2014-6501
+ RESERVED
+CVE-2014-6500
+ RESERVED
+CVE-2014-6499
+ RESERVED
+CVE-2014-6498
+ RESERVED
+CVE-2014-6497
+ RESERVED
+CVE-2014-6496
+ RESERVED
+CVE-2014-6495
+ RESERVED
+CVE-2014-6494
+ RESERVED
+CVE-2014-6493
+ RESERVED
+CVE-2014-6492
+ RESERVED
+CVE-2014-6491
+ RESERVED
+CVE-2014-6490
+ RESERVED
+CVE-2014-6489
+ RESERVED
+CVE-2014-6488
+ RESERVED
+CVE-2014-6487
+ RESERVED
+CVE-2014-6486
+ RESERVED
+CVE-2014-6485
+ RESERVED
+CVE-2014-6484
+ RESERVED
+CVE-2014-6483
+ RESERVED
+CVE-2014-6482
+ RESERVED
+CVE-2014-6481
+ RESERVED
+CVE-2014-6480
+ RESERVED
+CVE-2014-6479
+ RESERVED
+CVE-2014-6478
+ RESERVED
+CVE-2014-6477
+ RESERVED
+CVE-2014-6476
+ RESERVED
+CVE-2014-6475
+ RESERVED
+CVE-2014-6474
+ RESERVED
+CVE-2014-6473
+ RESERVED
+CVE-2014-6472
+ RESERVED
+CVE-2014-6471
+ RESERVED
+CVE-2014-6470
+ RESERVED
+CVE-2014-6469
+ RESERVED
+CVE-2014-6468
+ RESERVED
+CVE-2014-6467
+ RESERVED
+CVE-2014-6466
+ RESERVED
+CVE-2014-6465
+ RESERVED
+CVE-2014-6464
+ RESERVED
+CVE-2014-6463
+ RESERVED
+CVE-2014-6462
+ RESERVED
+CVE-2014-6461
+ RESERVED
+CVE-2014-6460
+ RESERVED
+CVE-2014-6459
+ RESERVED
+CVE-2014-6458
+ RESERVED
+CVE-2014-6457
+ RESERVED
+CVE-2014-6456
+ RESERVED
+CVE-2014-6455
+ RESERVED
+CVE-2014-6454
+ RESERVED
+CVE-2014-6453
+ RESERVED
+CVE-2014-6452
+ RESERVED
+CVE-2014-6451
+ RESERVED
+CVE-2014-6450
+ RESERVED
+CVE-2014-6449
+ RESERVED
+CVE-2014-6448
+ RESERVED
+CVE-2014-6447
+ RESERVED
+CVE-2014-6446
+ RESERVED
+CVE-2014-6445
+ RESERVED
+CVE-2014-6444
+ RESERVED
+CVE-2014-6443
+ RESERVED
+CVE-2014-6442
+ RESERVED
+CVE-2014-6441
+ RESERVED
+CVE-2014-6440
+ RESERVED
+CVE-2014-6439
+ RESERVED
+CVE-2014-6438
+ RESERVED
+CVE-2014-6437
+ RESERVED
+CVE-2014-6436
+ RESERVED
+CVE-2014-6435
+ RESERVED
+CVE-2014-6434
+ RESERVED
+CVE-2014-6433
+ RESERVED
+CVE-2014-6420
+ RESERVED
+CVE-2014-6419
+ RESERVED
+CVE-2014-6415
+ RESERVED
+CVE-2014-6413
+ RESERVED
+CVE-2014-6412
+ RESERVED
+CVE-2014-6411
+ RESERVED
+CVE-2014-6409
+ RESERVED
+CVE-2014-6408
+ RESERVED
+CVE-2014-6407
+ RESERVED
+CVE-2014-6406
+ RESERVED
+CVE-2014-6405
+ RESERVED
+CVE-2014-6404
+ RESERVED
+CVE-2014-6403
+ RESERVED
+CVE-2014-6402
+ RESERVED
+CVE-2014-6401
+ RESERVED
+CVE-2014-6400
+ RESERVED
+CVE-2014-6399
+ RESERVED
+CVE-2014-6398
+ RESERVED
+CVE-2014-6397
+ RESERVED
+CVE-2014-6396
+ RESERVED
+CVE-2014-6395
+ RESERVED
+CVE-2014-6394
+ RESERVED
+CVE-2014-6393
+ RESERVED
+CVE-2014-6392 (Cross-site scripting (XSS) vulnerability in the Facebook app 14.0 and ...)
+ TODO: check
+CVE-2014-6391
+ RESERVED
+CVE-2014-6390
+ RESERVED
+CVE-2014-6389
+ RESERVED
+CVE-2014-6388
+ RESERVED
+CVE-2013-7402
+ RESERVED
+CVE-2013-7401
+ RESERVED
+CVE-2012-6658 (Multiple cross-site scripting (XSS) vulnerabilities in SpiceWorks ...)
+ TODO: check
CVE-2014-XXXX [twisted: trustRoot not respected in HTTP client]
- twisted <unfixed> (bug #761983)
[wheezy] - twisted <not-affected> (Only affects 14.0 series)
@@ -8,80 +408,98 @@
- linux-2.6 <not-affected> (Introduced in 3.7)
NOTE: upstream fix: https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce (v3.17-rc2)
CVE-2014-6432 [DOS Sniffer file parser flaw (wnpa-sec-2014-19)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
TODO: check
CVE-2014-6431 [DOS Sniffer file parser flaw (wnpa-sec-2014-19)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
TODO: check
CVE-2014-6430 [DOS Sniffer file parser flaw (wnpa-sec-2014-19)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
TODO: check
CVE-2014-6429 [DOS Sniffer file parser flaw (wnpa-sec-2014-19)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
TODO: check
CVE-2014-6428 [SES dissector crash (wnpa-sec-2014-18)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-18.html
TODO: check
CVE-2014-6427 [RTSP dissector crash (wnpa-sec-2014-17)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-17.html
TODO: check
CVE-2014-6426 [HIP dissector infinite loop (wnpa-sec-2014-16)]
+ RESERVED
- wireshark <unfixed>
[wheezy] - wireshark <not-affected> (Only applies to 1.12.x)
[squeeze] - wireshark <not-affected> (Only applies to 1.12.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-16.html
CVE-2014-6425 [CUPS dissector crash (wnpa-sec-2014-15)]
+ RESERVED
- wireshark <unfixed>
[wheezy] - wireshark <not-affected> (Only applies to 1.12.x)
[squeeze] - wireshark <not-affected> (Only applies to 1.12.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-15.html
CVE-2014-6424 [Netflow dissector crash (wnpa-sec-2014-14)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-14.html
TODO: check
CVE-2014-6423 [MEGACO dissector infinite loop (wnpa-sec-2014-13)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-13.html
TODO: check
CVE-2014-6422 [RTP dissector crash (wnpa-sec-2014-12)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-12.html
TODO: check
CVE-2014-6421 [RTP dissector crash (wnpa-sec-2014-12)]
+ RESERVED
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-12.html
TODO: check
CVE-2014-6418 [libceph: missing validation of the auth reply]
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
CVE-2014-6417 [libceph: issue of incorrect handling of kmalloc failures]
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
CVE-2014-6416 [libceph: buffer overflow]
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
CVE-2014-6414 [Admin-only network attributes may be reset to defaults by non-privileged users]
+ RESERVED
- neutron <unfixed>
CVE-2014-6410 [udf: Avoid infinite loop when processing indirect ICBs]
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c03aa9f6e1f938618e6db2e23afef0574efeeb65 (v3.17-rc5)
CVE-2012-6657 [net: guard tcp_set_keepalive against crash]
+ RESERVED
- linux 3.6.4-1
[wheezy] - linux 3.2.32-1
- linux-2.6 <removed>
@@ -366,6 +784,7 @@
RESERVED
TODO: check
CVE-2014-6387 [Null byte poisoning in LDAP authentication]
+ RESERVED
- mantis <removed>
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
@@ -384,8 +803,7 @@
CVE-2014-6310
RESERVED
- chicken <not-affected> (Affects only CHICKEN Scheme on the Android platform)
-CVE-2014-6270 [off-by-one error in snmpHandleUdp() leading to a bss-based buffer overflow]
- RESERVED
+CVE-2014-6270 (Off-by-one error in the snmpHandleUdp function in snmp_core.cc in ...)
- squid <unfixed> (unimportant)
NOTE: SNMP not built in squid 2
- squid3 <unfixed> (low; bug #761002)
@@ -830,7 +1248,7 @@
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
CVE-2014-6042
RESERVED
-CVE-2014-6041 (The Android Browser application 4.2.1 on Android allows remote ...)
+CVE-2014-6041 (The Android WebView in Android before 4.4 allows remote attackers to ...)
NOT-FOR-US: Android Browser application
CVE-2014-6039
RESERVED
@@ -990,156 +1408,156 @@
RESERVED
CVE-2014-5958
RESERVED
-CVE-2014-5957
- RESERVED
-CVE-2014-5956
- RESERVED
-CVE-2014-5955
- RESERVED
-CVE-2014-5954
- RESERVED
-CVE-2014-5953
- RESERVED
-CVE-2014-5952
- RESERVED
-CVE-2014-5951
- RESERVED
-CVE-2014-5950
- RESERVED
-CVE-2014-5949
- RESERVED
-CVE-2014-5948
- RESERVED
-CVE-2014-5947
- RESERVED
-CVE-2014-5946
- RESERVED
-CVE-2014-5945
- RESERVED
-CVE-2014-5944
- RESERVED
-CVE-2014-5943
- RESERVED
-CVE-2014-5942
- RESERVED
-CVE-2014-5941
- RESERVED
-CVE-2014-5940
- RESERVED
-CVE-2014-5939
- RESERVED
-CVE-2014-5938
- RESERVED
-CVE-2014-5937
- RESERVED
-CVE-2014-5936
- RESERVED
-CVE-2014-5935
- RESERVED
-CVE-2014-5934
- RESERVED
-CVE-2014-5933
- RESERVED
-CVE-2014-5932
- RESERVED
-CVE-2014-5931
- RESERVED
-CVE-2014-5930
- RESERVED
-CVE-2014-5929
- RESERVED
-CVE-2014-5928
- RESERVED
-CVE-2014-5927
- RESERVED
-CVE-2014-5926
- RESERVED
-CVE-2014-5925
- RESERVED
-CVE-2014-5924
- RESERVED
-CVE-2014-5923
- RESERVED
-CVE-2014-5922
- RESERVED
-CVE-2014-5921
- RESERVED
-CVE-2014-5920
- RESERVED
-CVE-2014-5919
- RESERVED
-CVE-2014-5918
- RESERVED
-CVE-2014-5917
- RESERVED
-CVE-2014-5916
- RESERVED
-CVE-2014-5915
- RESERVED
-CVE-2014-5914
- RESERVED
-CVE-2014-5913
- RESERVED
-CVE-2014-5912
- RESERVED
-CVE-2014-5911
- RESERVED
-CVE-2014-5910
- RESERVED
-CVE-2014-5909
- RESERVED
-CVE-2014-5908
- RESERVED
-CVE-2014-5907
- RESERVED
-CVE-2014-5906
- RESERVED
-CVE-2014-5905
- RESERVED
-CVE-2014-5904
- RESERVED
-CVE-2014-5903
- RESERVED
-CVE-2014-5902
- RESERVED
-CVE-2014-5901
- RESERVED
-CVE-2014-5900
- RESERVED
-CVE-2014-5899
- RESERVED
-CVE-2014-5898
- RESERVED
-CVE-2014-5897
- RESERVED
-CVE-2014-5896
- RESERVED
-CVE-2014-5895
- RESERVED
-CVE-2014-5894
- RESERVED
-CVE-2014-5893
- RESERVED
-CVE-2014-5892
- RESERVED
-CVE-2014-5891
- RESERVED
-CVE-2014-5890
- RESERVED
-CVE-2014-5889
- RESERVED
-CVE-2014-5888
- RESERVED
-CVE-2014-5887
- RESERVED
-CVE-2014-5886
- RESERVED
-CVE-2014-5885
- RESERVED
-CVE-2014-5884
- RESERVED
-CVE-2014-5883
- RESERVED
+CVE-2014-5957 (The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for ...)
+ TODO: check
+CVE-2014-5956 (The VPlayer Video Player (aka me.abitno.vplayer.t) application 3.2.6 ...)
+ TODO: check
+CVE-2014-5955 (The Atomic Fusion (aka com.bytesized.fusion) application 1.7 for ...)
+ TODO: check
+CVE-2014-5954 (The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 ...)
+ TODO: check
+CVE-2014-5953 (The KASKUS (aka com.kaskus.android) application 2.13.0 for Android ...)
+ TODO: check
+CVE-2014-5952 (The E-Dziennik (aka com.librus.dziennik) application 0.5.2 for Android ...)
+ TODO: check
+CVE-2014-5951 (The SinoPac (aka com.sionpac.app.SinoPac) application 2.4.2 for ...)
+ TODO: check
+CVE-2014-5950 (The NOW (aka com.smtown.smtownnow.androidapp) application 0.9.8 for ...)
+ TODO: check
+CVE-2014-5949 (The TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) ...)
+ TODO: check
+CVE-2014-5948 (The Obama for America (aka com.barackobama.ofa) application 1.02 for ...)
+ TODO: check
+CVE-2014-5947 (The psicofxp (aka com.tapatalk.psicofxpcom) application 2.4.12.15 for ...)
+ TODO: check
+CVE-2014-5946 (The forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) ...)
+ TODO: check
+CVE-2014-5945 (The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 ...)
+ TODO: check
+CVE-2014-5944 (The Soccer Blitz (aka soccer.blitz) application 1.06 for Android does ...)
+ TODO: check
+CVE-2014-5943 (The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta ...)
+ TODO: check
+CVE-2014-5942 (The Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) ...)
+ TODO: check
+CVE-2014-5941 (The Armpit Spa & Girl Games (aka com.freegames.spamakeover) ...)
+ TODO: check
+CVE-2014-5940 (The PocketPC.ch (aka com.tapatalk.pocketpcch) application 3.9.51 for ...)
+ TODO: check
+CVE-2014-5939 (The travelzadcomvb (aka com.tapatalk.travelzadcomvb) application ...)
+ TODO: check
+CVE-2014-5938 (The AllDealsAsia All Deals ADA app (aka com.ada.deals) application ...)
+ TODO: check
+CVE-2014-5937 (The Social Networking (aka com.wSocialNetworkingSites) application ...)
+ TODO: check
+CVE-2014-5936 (The INCOgnito Private Browser (aka com.SL.InCoBrowser) application ...)
+ TODO: check
+CVE-2014-5935 (The Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) ...)
+ TODO: check
+CVE-2014-5934 (The Flurv Chat (aka com.flurv.android) application 4.3.3 for Android ...)
+ TODO: check
+CVE-2014-5933 (The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for ...)
+ TODO: check
+CVE-2014-5932 (The Vodafone Mobile at Work (aka com.mobileiron.vodafone.MIClient) ...)
+ TODO: check
+CVE-2014-5931 (The Stop & Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) ...)
+ TODO: check
+CVE-2014-5930 (The Store and Share (aka sg.com.singnet.mystorage.android) application ...)
+ TODO: check
+CVE-2014-5929 (The emartmall (aka kr.co.emart.emartmall) application 1.3.3 for ...)
+ TODO: check
+CVE-2014-5928 (The Steganos Online Shield VPN (aka com.steganos.onlineshield) ...)
+ TODO: check
+CVE-2014-5927 (The FastCustomer -- Fast Customer (aka www.fastcustomer.com) ...)
+ TODO: check
+CVE-2014-5926 (The DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application ...)
+ TODO: check
+CVE-2014-5925 (The 10000 Kindle Books Downloads (aka ...)
+ TODO: check
+CVE-2014-5924 (The Monster Makeup (aka com.bearhugmedia.android_monster) application ...)
+ TODO: check
+CVE-2014-5923 (The Facebook Status Via (aka com.StatusViaAdvanced) application 3.5 ...)
+ TODO: check
+CVE-2014-5922 (The ga6748 (aka com.g.ga6748) application 1 for Android does not ...)
+ TODO: check
+CVE-2014-5921 (The Need for Speed Network (aka com.ea.nfsautolog.bv) application ...)
+ TODO: check
+CVE-2014-5920 (The VK Amberfog (aka com.amberfog.vkfree) application 3.5.6 for ...)
+ TODO: check
+CVE-2014-5919 (The SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application ...)
+ TODO: check
+CVE-2014-5918 (The Secret Circle - talk freely (aka com.easyxapp.secret) application ...)
+ TODO: check
+CVE-2014-5917 (The Slideshow 365 (aka com.Slideshow) application 3.6 for Android does ...)
+ TODO: check
+CVE-2014-5916 (The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for ...)
+ TODO: check
+CVE-2014-5915 (The Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) ...)
+ TODO: check
+CVE-2014-5914 (The Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) ...)
+ TODO: check
+CVE-2014-5913 (The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android ...)
+ TODO: check
+CVE-2014-5912 (The InNote (aka com.intsig.notes) application 1.0.3.20131119 for ...)
+ TODO: check
+CVE-2014-5911 (The Free App Icons & Icon Packs (aka com.jellytap.cooliconfinder) ...)
+ TODO: check
+CVE-2014-5910 (The Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application ...)
+ TODO: check
+CVE-2014-5909 (The watcha (aka com.frograms.watcha) application 2.0.2 for Android ...)
+ TODO: check
+CVE-2014-5908 (The Kmart (aka com.kmart.android) application @7F0C00EF for Android ...)
+ TODO: check
+CVE-2014-5907 (The Pet Salon (aka com.libiitech.petsalon) application 1.0.1 for ...)
+ TODO: check
+CVE-2014-5906 (The Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) ...)
+ TODO: check
+CVE-2014-5905 (The Grocery List - Tomatoes (aka com.meucarrinho) application 5.1.4 ...)
+ TODO: check
+CVE-2014-5904 (The MiniInTheBox Online Shopping (aka com.miniinthebox.android) ...)
+ TODO: check
+CVE-2014-5903 (The Mobile at Work (aka com.mobileiron) application 6.0.0.1.12R for ...)
+ TODO: check
+CVE-2014-5902 (The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) ...)
+ TODO: check
+CVE-2014-5901 (The Beauty Bible - App for Girls (aka com.my.beauty.bible) application ...)
+ TODO: check
+CVE-2014-5900 (The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 ...)
+ TODO: check
+CVE-2014-5899 (The Nespresso (aka com.nespresso.activities) application 2.4.1 for ...)
+ TODO: check
+CVE-2014-5898 (The Heavy Duty Truck Driver Simulator 3D (aka ...)
+ TODO: check
+CVE-2014-5897 (The Parallel Mafia MMORPG (aka com.perblue.pm.client) application ...)
+ TODO: check
+CVE-2014-5896 (The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) ...)
+ TODO: check
+CVE-2014-5895 (The ShopYourWay (aka com.sears.shopyourway) application 1.9 for ...)
+ TODO: check
+CVE-2014-5894 (The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application ...)
+ TODO: check
+CVE-2014-5893 (The froyo (aka com.shinsegae.mobile.froyo) application 5.1.3 for ...)
+ TODO: check
+CVE-2014-5892 (The greenbill (aka com.show.greenbill_G) application 2.0.3 for Android ...)
+ TODO: check
+CVE-2014-5891 (The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application ...)
+ TODO: check
+CVE-2014-5890 (The KBO sports2i 2014 (aka com.sports2i) application 5.1.00 for ...)
+ TODO: check
+CVE-2014-5889 (The Android Forums (aka com.tapatalk.androidforumscom) application ...)
+ TODO: check
+CVE-2014-5888 (The SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) ...)
+ TODO: check
+CVE-2014-5887 (The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for ...)
+ TODO: check
+CVE-2014-5886 (The iVysilani ceske televize (aka cz.motion.ivysilani) application 1.6 ...)
+ TODO: check
+CVE-2014-5885 (The Disaster Alert (aka disasterAlert.PDC) application 3.2 for Android ...)
+ TODO: check
+CVE-2014-5884 (The 1&1 Online Storage (aka de.einsundeins.smartdrive) application ...)
+ TODO: check
+CVE-2014-5883 (The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does ...)
+ TODO: check
CVE-2014-5882 (The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does ...)
NOT-FOR-US: Homoo Ijiri (aka jp.co.applica) application for Android
CVE-2014-5881 (The Yahoo! ybox (aka jp.co.yahoo.android.ybox) application 1.5.1 for ...)
@@ -2052,10 +2470,9 @@
NOTE: Upstream fix: https://git.gnome.org/browse/geary/commit/?h=geary-0.6&id=55f06a7bdcedb7efde6a516bde626ea28793ca7e
CVE-2014-5442
RESERVED
-CVE-2014-5441
- RESERVED
-CVE-2014-5440
- RESERVED
+CVE-2014-5441 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2014-5440 (SQL injection vulnerability in Login.aspx in MPEX Business Solutions ...)
NOT-FOR-US: MX-SmartTimer
CVE-2014-5439
RESERVED
@@ -2109,20 +2526,20 @@
RESERVED
CVE-2014-5414
RESERVED
-CVE-2014-5413
- RESERVED
-CVE-2014-5412
- RESERVED
-CVE-2014-5411
- RESERVED
+CVE-2014-5413 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 ...)
+ TODO: check
+CVE-2014-5412 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 ...)
+ TODO: check
+CVE-2014-5411 (Multiple cross-site scripting (XSS) vulnerabilities in Schneider ...)
+ TODO: check
CVE-2014-5410
RESERVED
CVE-2014-5409
RESERVED
CVE-2014-5408
RESERVED
-CVE-2014-5407
- RESERVED
+CVE-2014-5407 (Multiple stack-based buffer overflows in Schneider Electric VAMPSET ...)
+ TODO: check
CVE-2014-5406
RESERVED
CVE-2014-5405
@@ -2348,8 +2765,8 @@
RESERVED
CVE-2014-5318
RESERVED
-CVE-2014-5317
- RESERVED
+CVE-2014-5317 (Cross-site scripting (XSS) vulnerability in php365.com 365 Links 3.11 ...)
+ TODO: check
CVE-2014-5316
RESERVED
CVE-2014-5315
@@ -2454,8 +2871,7 @@
RESERVED
CVE-2014-5264
RESERVED
-CVE-2014-5259
- RESERVED
+CVE-2014-5259 (Cross-site scripting (XSS) vulnerability in cattranslate.php in the ...)
NOT-FOR-US: BlackCat CMS
CVE-2014-5258
RESERVED
@@ -2480,11 +2896,9 @@
CVE-2014-5236
RESERVED
- open-xchange <itp> (bug #269329)
-CVE-2014-5235
- RESERVED
+CVE-2014-5235 (Cross-site scripting (XSS) vulnerability in the frontend in ...)
- open-xchange <itp> (bug #269329)
-CVE-2014-5234
- RESERVED
+CVE-2014-5234 (Cross-site scripting (XSS) vulnerability in the backend in ...)
- open-xchange <itp> (bug #269329)
CVE-2012-6654 (Multiple SQL injection vulnerabilities in ZPanel 10.0.1 and earlier ...)
NOT-FOR-US: ZPanel
@@ -3636,22 +4050,22 @@
RESERVED
CVE-2014-4827
RESERVED
-CVE-2014-4826
- RESERVED
+CVE-2014-4826 (IBM Security QRadar SIEM 7.2 before 7.2.3 Patch 1 does not properly ...)
+ TODO: check
CVE-2014-4825
RESERVED
-CVE-2014-4824
- RESERVED
+CVE-2014-4824 (SQL injection vulnerability in IBM Security QRadar SIEM 7.2 before ...)
+ TODO: check
CVE-2014-4823
RESERVED
CVE-2014-4822
RESERVED
CVE-2014-4821
RESERVED
-CVE-2014-4820
- RESERVED
-CVE-2014-4819
- RESERVED
+CVE-2014-4820 (Cross-site scripting (XSS) vulnerability in IBM Integration Bus ...)
+ TODO: check
+CVE-2014-4819 (The web user interface in IBM WebSphere Message Broker 8.0 before ...)
+ TODO: check
CVE-2014-4818
RESERVED
CVE-2014-4817
@@ -3762,8 +4176,8 @@
RESERVED
CVE-2014-4764 (IBM WebSphere Application Server (WAS) 8.0.x before 8.0.0.10 and 8.5.x ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4763
- RESERVED
+CVE-2014-4763 (Cross-site scripting (XSS) vulnerability in Content Navigator in ...)
+ TODO: check
CVE-2014-4762 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
NOT-FOR-US: IBM
CVE-2014-4761
@@ -3818,8 +4232,7 @@
RESERVED
CVE-2014-4736 (SQL injection vulnerability in E2 before 2.4 (2845) allows remote ...)
NOT-FOR-US: E2
-CVE-2014-4735
- RESERVED
+CVE-2014-4735 (Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier ...)
NOT-FOR-US: MyWebSQL
CVE-2014-4734 (Cross-site scripting (XSS) vulnerability in e107_admin/db.php in e107 ...)
NOT-FOR-US: e107
@@ -4173,11 +4586,9 @@
RESERVED
CVE-2014-4623
RESERVED
-CVE-2014-4622
- RESERVED
+CVE-2014-4622 (EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4621
- RESERVED
+CVE-2014-4621 (EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and ...)
NOT-FOR-US: EMC Documentum Content Server
CVE-2014-4620
RESERVED
@@ -4616,46 +5027,46 @@
RESERVED
CVE-2014-4424
RESERVED
-CVE-2014-4423
- RESERVED
-CVE-2014-4422
- RESERVED
-CVE-2014-4421
- RESERVED
-CVE-2014-4420
- RESERVED
-CVE-2014-4419
- RESERVED
-CVE-2014-4418
- RESERVED
+CVE-2014-4423 (The Accounts subsystem in Apple iOS before 8 allows attackers to ...)
+ TODO: check
+CVE-2014-4422 (The kernel in Apple iOS before 8 and Apple TV before 7 uses a ...)
+ TODO: check
+CVE-2014-4421 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
+ TODO: check
+CVE-2014-4420 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
+ TODO: check
+CVE-2014-4419 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
+ TODO: check
+CVE-2014-4418 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
+ TODO: check
CVE-2014-4417
RESERVED
CVE-2014-4416
RESERVED
-CVE-2014-4415
- RESERVED
-CVE-2014-4414
- RESERVED
-CVE-2014-4413
- RESERVED
-CVE-2014-4412
- RESERVED
-CVE-2014-4411
- RESERVED
-CVE-2014-4410
- RESERVED
-CVE-2014-4409
- RESERVED
-CVE-2014-4408
- RESERVED
-CVE-2014-4407
- RESERVED
+CVE-2014-4415 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+ TODO: check
+CVE-2014-4414 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+ TODO: check
+CVE-2014-4413 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+ TODO: check
+CVE-2014-4412 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+ TODO: check
+CVE-2014-4411 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+ TODO: check
+CVE-2014-4410 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+ TODO: check
+CVE-2014-4409 (WebKit in Apple iOS before 8 makes it easier for remote attackers to ...)
+ TODO: check
+CVE-2014-4408 (The rt_setgate function in the kernel in Apple iOS before 8 and Apple ...)
+ TODO: check
+CVE-2014-4407 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
+ TODO: check
CVE-2014-4406
RESERVED
-CVE-2014-4405
- RESERVED
-CVE-2014-4404
- RESERVED
+CVE-2014-4405 (IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows ...)
+ TODO: check
+CVE-2014-4404 (Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and ...)
+ TODO: check
CVE-2014-4403
RESERVED
CVE-2014-4402
@@ -4684,82 +5095,82 @@
RESERVED
CVE-2014-4390
RESERVED
-CVE-2014-4389
- RESERVED
-CVE-2014-4388
- RESERVED
+CVE-2014-4389 (Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 ...)
+ TODO: check
+CVE-2014-4388 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
+ TODO: check
CVE-2014-4387
RESERVED
-CVE-2014-4386
- RESERVED
+CVE-2014-4386 (Race condition in the App Installation feature in Apple iOS before 8 ...)
+ TODO: check
CVE-2014-4385
RESERVED
-CVE-2014-4384
- RESERVED
-CVE-2014-4383
- RESERVED
+CVE-2014-4384 (Directory traversal vulnerability in the App Installation feature in ...)
+ TODO: check
+CVE-2014-4383 (The Assets subsystem in Apple iOS before 8 and Apple TV before 7 ...)
+ TODO: check
CVE-2014-4382
RESERVED
-CVE-2014-4381
- RESERVED
-CVE-2014-4380
- RESERVED
-CVE-2014-4379
- RESERVED
-CVE-2014-4378
- RESERVED
-CVE-2014-4377
- RESERVED
+CVE-2014-4381 (Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper ...)
+ TODO: check
+CVE-2014-4380 (The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV ...)
+ TODO: check
+CVE-2014-4379 (An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV ...)
+ TODO: check
+CVE-2014-4378 (CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote ...)
+ TODO: check
+CVE-2014-4377 (Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV ...)
+ TODO: check
CVE-2014-4376
RESERVED
-CVE-2014-4375
- RESERVED
-CVE-2014-4374
- RESERVED
-CVE-2014-4373
- RESERVED
-CVE-2014-4372
- RESERVED
-CVE-2014-4371
- RESERVED
+CVE-2014-4375 (Double free vulnerability in Apple iOS before 8 and Apple TV before 7 ...)
+ TODO: check
+CVE-2014-4374 (NSXMLParser in Foundation in Apple iOS before 8 allows attackers to ...)
+ TODO: check
+CVE-2014-4373 (The IntelAccelerator driver in the IOAcceleratorFamily subsystem in ...)
+ TODO: check
+CVE-2014-4372 (syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV ...)
+ TODO: check
+CVE-2014-4371 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
+ TODO: check
CVE-2014-4370
RESERVED
-CVE-2014-4369
- RESERVED
-CVE-2014-4368
- RESERVED
-CVE-2014-4367
- RESERVED
-CVE-2014-4366
- RESERVED
+CVE-2014-4369 (The IOAcceleratorFamily API implementation in Apple iOS before 8 and ...)
+ TODO: check
+CVE-2014-4368 (The Accessibility subsystem in Apple iOS before 8 allows attackers to ...)
+ TODO: check
+CVE-2014-4367 (Apple iOS before 8 enables Voice Dial during all upgrade actions, ...)
+ TODO: check
+CVE-2014-4366 (Mail in Apple iOS before 8 does not prevent sending a LOGIN command to ...)
+ TODO: check
CVE-2014-4365
RESERVED
-CVE-2014-4364
- RESERVED
-CVE-2014-4363
- RESERVED
-CVE-2014-4362
- RESERVED
-CVE-2014-4361
- RESERVED
+CVE-2014-4364 (The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does ...)
+ TODO: check
+CVE-2014-4363 (Safari in Apple iOS before 8 does not properly restrict the ...)
+ TODO: check
+CVE-2014-4362 (The Sandbox Profiles implementation in Apple iOS before 8 does not ...)
+ TODO: check
+CVE-2014-4361 (The Home & Lock Screen subsystem in Apple iOS before 8 does not ...)
+ TODO: check
CVE-2014-4360
RESERVED
CVE-2014-4359
RESERVED
CVE-2014-4358
RESERVED
-CVE-2014-4357
- RESERVED
-CVE-2014-4356
- RESERVED
+CVE-2014-4357 (Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows ...)
+ TODO: check
+CVE-2014-4356 (Apple iOS before 8 does not follow the intended configuration setting ...)
+ TODO: check
CVE-2014-4355
RESERVED
-CVE-2014-4354
- RESERVED
-CVE-2014-4353
- RESERVED
-CVE-2014-4352
- RESERVED
+CVE-2014-4354 (Apple iOS before 8 enables Bluetooth during all upgrade actions, which ...)
+ TODO: check
+CVE-2014-4353 (Race condition in iMessage in Apple iOS before 8 allows attackers to ...)
+ TODO: check
+CVE-2014-4352 (Address Book in Apple iOS before 8 relies on the hardware UID for its ...)
+ TODO: check
CVE-2014-4351
RESERVED
CVE-2014-4350
@@ -6107,8 +6518,7 @@
RESERVED
CVE-2014-3797
RESERVED
-CVE-2014-3796
- RESERVED
+CVE-2014-3796 (VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) ...)
NOT-FOR-US: VMware NSX and vCNS
CVE-2014-3795
RESERVED
@@ -6473,8 +6883,7 @@
NOTE: Introduced by https://github.com/bagder/curl/commit/85b9dc8023
CVE-2014-3619
RESERVED
-CVE-2014-3617
- RESERVED
+CVE-2014-3617 (The forum_print_latest_discussions function in mod/forum/lib.php in ...)
- moodle <unfixed>
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619
@@ -8059,8 +8468,8 @@
TODO: check
CVE-2014-3078
RESERVED
-CVE-2014-3077
- RESERVED
+CVE-2014-3077 (IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x ...)
+ TODO: check
CVE-2014-3076 (IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote ...)
NOT-FOR-US: IBM
CVE-2014-3075 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
@@ -8468,8 +8877,7 @@
- strongswan 5.1.2-1
CVE-2014-2887
RESERVED
-CVE-2014-2886
- RESERVED
+CVE-2014-2886 (GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) ...)
- gksu <undetermined>
NOTE: https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu
TODO: check
@@ -9953,12 +10361,12 @@
NOT-FOR-US: Sensys Networks
CVE-2014-2378 (Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and ...)
NOT-FOR-US: Sensys Networks
-CVE-2014-2377
- RESERVED
-CVE-2014-2376
- RESERVED
-CVE-2014-2375
- RESERVED
+CVE-2014-2377 (Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta ...)
+ TODO: check
+CVE-2014-2376 (SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable ...)
+ TODO: check
+CVE-2014-2375 (Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta ...)
+ TODO: check
CVE-2014-2374
RESERVED
CVE-2014-2373
@@ -10888,10 +11296,10 @@
RESERVED
CVE-2014-2010
RESERVED
-CVE-2014-2009
- RESERVED
-CVE-2014-2008
- RESERVED
+CVE-2014-2009 (The mPAY24 payment module before 1.6 for PrestaShop allows remote ...)
+ TODO: check
+CVE-2014-2008 (SQL injection vulnerability in confirm.php in the mPAY24 payment ...)
+ TODO: check
CVE-2014-2007
RESERVED
CVE-2014-2006 (Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x ...)
@@ -13364,8 +13772,8 @@
RESERVED
CVE-2014-0994
RESERVED
-CVE-2014-0993
- RESERVED
+CVE-2014-0993 (Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in ...)
+ TODO: check
CVE-2014-0992
RESERVED
NOT-FOR-US: Advantech WebAccess
@@ -14557,24 +14965,24 @@
RESERVED
CVE-2014-0569
RESERVED
-CVE-2014-0568
- RESERVED
-CVE-2014-0567
- RESERVED
-CVE-2014-0566
- RESERVED
-CVE-2014-0565
- RESERVED
+CVE-2014-0568 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 ...)
+ TODO: check
+CVE-2014-0567 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2014-0566 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 ...)
+ TODO: check
+CVE-2014-0565 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 ...)
+ TODO: check
CVE-2014-0564
RESERVED
-CVE-2014-0563
- RESERVED
-CVE-2014-0562
- RESERVED
-CVE-2014-0561
- RESERVED
-CVE-2014-0560
- RESERVED
+CVE-2014-0563 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 ...)
+ TODO: check
+CVE-2014-0562 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2014-0561 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2014-0560 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
CVE-2014-0559 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and ...)
NOT-FOR-US: Adobe Flash Player
CVE-2014-0558
@@ -45109,8 +45517,8 @@
RESERVED
CVE-2012-2957 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2956
- RESERVED
+CVE-2012-2956 (SQL injection vulnerability in SpiceWorks 5.3.75941 allows remote ...)
+ TODO: check
CVE-2012-2955 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: IBM Lotus Protector, IBM ISS Proventia Network Mail Security
CVE-2012-2954
@@ -46120,8 +46528,8 @@
NOT-FOR-US: ManageEngine ServiceDesk Plus
CVE-2012-2584 (Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon ...)
NOT-FOR-US: Alt-N MDaemon Free
-CVE-2012-2583
- RESERVED
+CVE-2012-2583 (Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget ...)
+ TODO: check
CVE-2012-2582 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
{DSA-2536-1}
- otrs2 3.1.7+dfsg1-4
@@ -48787,8 +49195,8 @@
NOTE: https://github.com/cyassl/cyassl/commit/6b77c8967aa34f2a0bae85e90a469c4170cb2bb1
CVE-2012-1557 (SQL injection vulnerability in admin/plib/api-rpc/Agent.php in ...)
NOT-FOR-US: Parallels Plesk Panel
-CVE-2012-1556
- RESERVED
+CVE-2012-1556 (Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 ...)
+ TODO: check
CVE-2012-1555
RESERVED
CVE-2012-1554
@@ -48892,10 +49300,10 @@
NOT-FOR-US: VMware View
CVE-2012-1508 (The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX ...)
NOT-FOR-US: VMware ESXi
-CVE-2012-1507
- RESERVED
-CVE-2012-1506
- RESERVED
+CVE-2012-1507 (Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM ...)
+ TODO: check
+CVE-2012-1506 (SQL injection vulnerability in the updateStatus function in ...)
+ TODO: check
CVE-2012-1505
RESERVED
CVE-2012-1504
@@ -49085,8 +49493,8 @@
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
CVE-2012-1418 (Multiple unspecified vulnerabilities in Google Chrome before ...)
NOT-FOR-US: Chrome books
-CVE-2012-1417
- RESERVED
+CVE-2012-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Local Phone ...)
+ TODO: check
CVE-2012-1416 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: SocialCMS
CVE-2012-1415
@@ -50022,8 +50430,8 @@
CVE-2012-1033 (The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server ...)
- bind9 1:9.8.1.dfsg.P1-4.1 (low)
[squeeze] - bind9 <no-dsa> (low-severity dns protocol design flaw)
-CVE-2012-1032
- RESERVED
+CVE-2012-1032 (Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker ...)
+ TODO: check
CVE-2012-1031 (Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in ...)
NOT-FOR-US: EPiServer CMS
CVE-2012-1030 (Cross-site scripting (XSS) vulnerability in DotNetNuke 6.x through ...)
More information about the Secure-testing-commits
mailing list