[Secure-testing-commits] r31237 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 10 06:00:00 UTC 2015
Author: carnil
Date: 2015-01-10 06:00:00 +0000 (Sat, 10 Jan 2015)
New Revision: 31237
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-10 05:27:32 UTC (rev 31236)
+++ data/CVE/list 2015-01-10 06:00:00 UTC (rev 31237)
@@ -3,11 +3,11 @@
CVE-2015-0920 (Cross-site request forgery (CSRF) vulnerability in the Banner Effect ...)
NOT-FOR-US: Banner Effect Header plugin for WordPress
CVE-2015-0919 (Multiple SQL injection vulnerabilities in the administrative backend ...)
- TODO: check
+ NOT-FOR-US: Sefrengo
CVE-2015-0918 (Cross-site scripting (XSS) vulnerability in the administrative backend ...)
- TODO: check
+ NOT-FOR-US: Sefrengo
CVE-2015-0917 (Cross-site scripting (XSS) vulnerability in the backend in Kajona ...)
- TODO: check
+ NOT-FOR-US: Kajona
CVE-2015-0916
RESERVED
CVE-2015-0915
@@ -719,23 +719,23 @@
NOTE: http://marc.info/?l=linux-kernel&m=141911002822659&w=2
TODO: check
CVE-2014-9583 (common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, ...)
- TODO: check
+ NOT-FOR-US: infosvr in ASUS WRT firmware
CVE-2014-9582 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Codiad
CVE-2014-9581 (Directory traversal vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Codiad
CVE-2014-9580 (Cross-site scripting (XSS) vulnerability in ProjectSend (formerly ...)
- TODO: check
+ NOT-FOR-US: ProjectSend
CVE-2014-9579 (VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator ...)
- TODO: check
+ NOT-FOR-US: VDG Security SENSE
CVE-2014-9578 (VDG Security SENSE (formerly DIVA) 2.3.13 performs authentication with ...)
- TODO: check
+ NOT-FOR-US: VDG Security SENSE
CVE-2014-9577 (VDG Security SENSE (formerly DIVA) 2.3.13 sends the user database when ...)
- TODO: check
+ NOT-FOR-US: VDG Security SENSE
CVE-2014-9576 (VDG Security SENSE (formerly DIVA) 2.3.13 has a hardcoded password of ...)
- TODO: check
+ NOT-FOR-US: VDG Security SENSE
CVE-2014-9575 (VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote ...)
- TODO: check
+ NOT-FOR-US: VDG Security SENSE
CVE-2014-9574
RESERVED
CVE-2014-9573
@@ -747,11 +747,11 @@
CVE-2014-9570
RESERVED
CVE-2014-9569 (Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver Business Client
CVE-2014-9568
RESERVED
CVE-2014-9567 (Unrestricted file upload vulnerability in process-upload.php in ...)
- TODO: check
+ NOT-FOR-US: ProjectSend
CVE-2014-9566
RESERVED
CVE-2014-9565
@@ -825,7 +825,7 @@
CVE-2014-9530
RESERVED
CVE-2014-9528 (SQL injection vulnerability in the actionIndex function in ...)
- TODO: check
+ NOT-FOR-US: HumHub
CVE-2014-9527 (HSLFSlideShow in Apache POI before 3.11 allows remote attackers to ...)
TODO: check
CVE-2015-XXXX [directory traversal vulnerabilities]
@@ -910,7 +910,7 @@
CVE-2015-0553
RESERVED
CVE-2014-9526 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
- TODO: check
+ NOT-FOR-US: concrete5
CVE-2014-9525 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: Timed Popup (wp-timed-popup) plugin for WordPress
CVE-2014-9524 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
@@ -918,19 +918,19 @@
CVE-2014-9523 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Our ...)
NOT-FOR-US: Our Team Showcase (our-team-enhanced) plugin for WordPress
CVE-2014-9522 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Papoo Light ...)
- TODO: check
+ NOT-FOR-US: CMS Papoo Light
CVE-2014-9521 (Unrestricted file upload vulnerability in uploadScript.php in ...)
- TODO: check
+ NOT-FOR-US: InfiniteWP Admin Panel
CVE-2014-9520 (SQL injection vulnerability in execute.php in InfiniteWP Admin Panel ...)
- TODO: check
+ NOT-FOR-US: InfiniteWP Admin Panel
CVE-2014-9519 (SQL injection vulnerability in login.php in InfiniteWP Admin Panel ...)
- TODO: check
+ NOT-FOR-US: InfiniteWP Admin Panel
CVE-2014-9518 (Cross-site scripting (XSS) vulnerability in login.cgi in D-Link router ...)
- TODO: check
+ NOT-FOR-US: login.cgi in D-Link router DIR-655 (rev Bx) with firmware before 2.12b01
CVE-2014-9517 (Cross-site scripting (XSS) vulnerability in D-link IP camera DCS-2103 ...)
- TODO: check
+ NOT-FOR-US: D-link IP camera DCS-2103
CVE-2014-9516 (Cross-site scripting (XSS) vulnerability in Social Microblogging PRO ...)
- TODO: check
+ NOT-FOR-US: Social Microblogging PRO
CVE-2014-9515
RESERVED
CVE-2014-9514
@@ -972,7 +972,7 @@
CVE-2014-9484
RESERVED
CVE-2014-9473 (Unrestricted file upload vulnerability in lib_nonajax.php in the ...)
- TODO: check
+ NOT-FOR-US: formsII plugin for WordPress
CVE-2014-9472
RESERVED
CVE-2014-9470
@@ -986,7 +986,7 @@
CVE-2014-9466
RESERVED
CVE-2014-9464 (SQL injection vulnerability in Category.php in Microweber CMS 0.95 ...)
- TODO: check
+ NOT-FOR-US: Microweber CMS
CVE-2014-9463
RESERVED
CVE-2014-9462
@@ -996,27 +996,27 @@
CVE-2014-9460 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: WP-ViperGB plugin for WordPress
CVE-2014-9459 (Cross-site request forgery (CSRF) vulnerability in the AdminObserver ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2014-9458 (Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA ...)
- TODO: check
+ NOT-FOR-US: Hex-Rays IDA Pro
CVE-2014-9457 (SQL injection vulnerability in classes/mono_display.class.php in PMB ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2014-9456 (Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have ...)
- TODO: check
+ NOT-FOR-US: NotePad++
CVE-2014-9455 (SQL injection vulnerability in showads.php in CTS Projects & Software ...)
- TODO: check
+ NOT-FOR-US: CTS Projects & Software ClassAd
CVE-2014-9454 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: Simple Sticky Footer plugin for WordPress
CVE-2014-9453 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: Simple visitor stat plugin for WordPress
CVE-2014-9452 (Directory traversal vulnerability in VDG Security SENSE (formerly ...)
- TODO: check
+ NOT-FOR-US: VDG Security SENSE
CVE-2014-9451 (Multiple stack-based buffer overflows in the DIVA web service API ...)
- TODO: check
+ NOT-FOR-US: VDG Security SENS
CVE-2014-9448 (Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 ...)
- TODO: check
+ NOT-FOR-US: Mini-stream RM-MP3 Converter
CVE-2014-9445 (SQL injection vulnerability in incl/create.inc.php in Installatron GQ ...)
- TODO: check
+ NOT-FOR-US: GQ File Manager
CVE-2014-9444 (Cross-site scripting (XSS) vulnerability in the Frontend Uploader ...)
NOT-FOR-US: Frontend Uploader plugin for WordPress
CVE-2014-9443 (Cross-site scripting (XSS) vulnerability in the Relevanssi plugin ...)
@@ -1026,115 +1026,115 @@
CVE-2014-9441 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: Lightbox Photo Gallery plugin for WordPress
CVE-2014-9440 (SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows ...)
- TODO: check
+ NOT-FOR-US: phpMyRecipes
CVE-2014-9439 (Cross-site scripting (XSS) vulnerability in Easy File Sharing Web ...)
- TODO: check
+ NOT-FOR-US: Easy File Sharing Web Server
CVE-2014-9438 (Cross-site request forgery (CSRF) vulnerability in the Moderator ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2014-9437 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: Sliding Social Icons plugin for WordPress
CVE-2014-9436 (Absolute path traversal vulnerability in SysAid On-Premise before ...)
- TODO: check
+ NOT-FOR-US: SysAid
CVE-2014-9435 (Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow ...)
- TODO: check
+ NOT-FOR-US: Absolut Engine
CVE-2014-9434 (Cross-site scripting (XSS) vulnerability in admin/managerrelated.php ...)
- TODO: check
+ NOT-FOR-US: Absolut Engine
CVE-2014-9431 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Smoothwall
CVE-2014-9430 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Smoothwall
CVE-2014-9429 (Multiple cross-site scripting (XSS) vulnerabilities in Smoothwall ...)
- TODO: check
+ NOT-FOR-US: Smoothwall
CVE-2013-7418 (cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 ...)
- TODO: check
+ NOT-FOR-US: IPCop
CVE-2013-7417 (Cross-site scripting (XSS) vulnerability in cgi-bin/ipinfo.cgi in ...)
- TODO: check
+ NOT-FOR-US: IPCop
CVE-2011-5318 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: diafan.CMS
CVE-2011-5317 (Cross-site scripting (XSS) vulnerability in editText.php in WonderCMS ...)
- TODO: check
+ NOT-FOR-US: WonderCMS
CVE-2011-5316 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
- TODO: check
+ NOT-FOR-US: Cambio
CVE-2011-5315 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
- TODO: check
+ NOT-FOR-US: whCMS
CVE-2011-5314 (templates/default/index.php in Redaxscript 0.3.2 allows remote ...)
- TODO: check
+ NOT-FOR-US: Redaxscript
CVE-2011-5313 (Multiple SQL injection vulnerabilities in includes/password.php in ...)
- TODO: check
+ NOT-FOR-US: Redaxscript
CVE-2011-5312 (Multiple cross-site scripting (XSS) vulnerabilities in Gollos 2.8 ...)
- TODO: check
+ NOT-FOR-US: Gollos
CVE-2011-5311 (Cross-site request forgery (CSRF) vulnerability in pages.php in ...)
- TODO: check
+ NOT-FOR-US: Wikipad
CVE-2011-5310 (Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows ...)
- TODO: check
+ NOT-FOR-US: Wikipad
CVE-2011-5309 (Cross-site scripting (XSS) vulnerability in pages.php in Wikipad 1.6.0 ...)
- TODO: check
+ NOT-FOR-US: Wikipad
CVE-2011-5308 (Multiple SQL injection vulnerabilities in cdnvote-post.php in the ...)
NOT-FOR-US: cdnvote plugin for WordPress
CVE-2011-5307 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
NOT-FOR-US: PhotoSmash plugin for WordPress
CVE-2011-5306 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: CosmoShop ePRO
CVE-2011-5305 (Multiple cross-site scripting (XSS) vulnerabilities in CosmoShop ePRO ...)
- TODO: check
+ NOT-FOR-US: CosmoShop ePRO
CVE-2011-5304 (Multiple cross-site scripting (XSS) vulnerabilities in the Sodahead ...)
NOT-FOR-US: Sodahead Polls plugin for WordPress
CVE-2011-5303 (Cross-site scripting (XSS) vulnerability in Spitfire CMS 1.0.436 ...)
- TODO: check
+ NOT-FOR-US: Spitfire CMS
CVE-2011-5302 (Cross-site request forgery (CSRF) vulnerability in adm/admin_edit.php ...)
- TODO: check
+ NOT-FOR-US: PHPDug
CVE-2011-5301 (Multiple cross-site scripting (XSS) vulnerabilities in PHPDug 2.0.0 ...)
- TODO: check
+ NOT-FOR-US: PHPDug
CVE-2011-5300 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: poMMo Aardvark
CVE-2011-5299 (Multiple cross-site scripting (XSS) vulnerabilities in poMMo Aardvark ...)
- TODO: check
+ NOT-FOR-US: poMMo Aardvark
CVE-2011-5298 (Multiple cross-site request forgery (CSRF) vulnerabilities in Argyle ...)
- TODO: check
+ NOT-FOR-US: Argyle Social
CVE-2011-5297 (Multiple cross-site scripting (XSS) vulnerabilities in TTChat 1.0.4 ...)
- TODO: check
+ NOT-FOR-US: TTChat
CVE-2011-5296 (Cross-site scripting (XSS) vulnerability in profilo.php in Happy Chat ...)
- TODO: check
+ NOT-FOR-US: Happy Chat
CVE-2011-5295 (Buffer overflow in the Download method in a certain ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: Gogago YouTube Video Converter
CVE-2011-5294 (The SaveMessage method in the LEADeMail.LEADSmtp.20 ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: Kofax e-Transactions Sender Sendbox
CVE-2011-5293 (The cmdSave method in the ThreeDify.ThreeDifyDesigner.1 ActiveX ...)
- TODO: check
+ NOT-FOR-US: ThreeDify Designer
CVE-2011-5292 (The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe ...)
- TODO: check
+ NOT-FOR-US: Easewe FTP OCX
CVE-2011-5291 (The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: Ashampoo 3D CAD Professional
CVE-2011-5290 (The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control ...)
- TODO: check
+ NOT-FOR-US: IDrive Online Backup
CVE-2011-5289 (The SaveDecrypted method in the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX ...)
- TODO: check
+ NOT-FOR-US: aTube Catcher
CVE-2011-5288 (Multiple buffer overflows in the ThreeDify.ThreeDifyDesigner.1 ActiveX ...)
- TODO: check
+ NOT-FOR-US: ThreeDify Designer
CVE-2011-5287 (Multiple cross-site scripting (XSS) vulnerabilities in HESK before ...)
- TODO: check
+ NOT-FOR-US: HESK
CVE-2011-5286 (SQL injection vulnerability in social-slider-2/ajax.php in the Social ...)
NOT-FOR-US: Social Slider plugin for WordPress
CVE-2011-5285 (Multiple cross-site scripting (XSS) vulnerabilities in BugFree 2.1.3 ...)
- TODO: check
+ NOT-FOR-US: BugFree
CVE-2011-5284 (Cross-site request forgery (CSRF) vulnerability in the web management ...)
- TODO: check
+ NOT-FOR-US: Smoothwall
CVE-2011-5283 (Cross-site scripting (XSS) vulnerability in the web management ...)
- TODO: check
+ NOT-FOR-US: Smoothwall
CVE-2010-5320 (Multiple cross-site request forgery (CSRF) vulnerabilities in MemHT ...)
- TODO: check
+ NOT-FOR-US: MemHT Portal
CVE-2010-5319 (Multiple cross-site request forgery (CSRF) vulnerabilities in Kandidat ...)
- TODO: check
+ NOT-FOR-US: Kandidat CMS
CVE-2010-5318 (The password-reset feature in as/index.php in SweetRice CMS before ...)
- TODO: check
+ NOT-FOR-US: SweetRice CMS
CVE-2010-5317 (Multiple SQL injection vulnerabilities in index.php in SweetRice CMS ...)
- TODO: check
+ NOT-FOR-US: SweetRice CMS
CVE-2010-5316 (Cross-site scripting (XSS) vulnerability in as/index.php in SweetRice ...)
- TODO: check
+ NOT-FOR-US: SweetRice CMS
CVE-2010-5315 (Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita ...)
- TODO: check
+ NOT-FOR-US: BEdita
CVE-2010-5314 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: BEdita
CVE-2014-9507 (MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and ...)
- mediawiki <not-affected> (There is no content handler in REL1_19)
NOTE: Upstream bug https://phabricator.wikimedia.org/T72901
@@ -1749,29 +1749,29 @@
CVE-2014-9404
RESERVED
CVE-2014-9401 (Cross-site request forgery (CSRF) vulnerability in the WP Limit Posts ...)
- TODO: check
+ NOT-FOR-US: WP Limit Posts Automatically plugin for WordPress
CVE-2014-9400 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Wp ...)
- TODO: check
+ NOT-FOR-US: Wp Unique Article Header Image plugin for WordPress
CVE-2014-9399 (Cross-site request forgery (CSRF) vulnerability in the TweetScribe ...)
- TODO: check
+ NOT-FOR-US: TweetScribe plugin for WordPress
CVE-2014-9398 (Cross-site request forgery (CSRF) vulnerability in the Twitter ...)
- TODO: check
+ NOT-FOR-US: Twitter LiveBlog plugin for WordPress
CVE-2014-9397 (Cross-site request forgery (CSRF) vulnerability in the twimp-wp plugin ...)
NOT-FOR-US: twimp-wp plugin for WordPress
CVE-2014-9396 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: SimpleFlickr plugin for WordPress
CVE-2014-9395 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: Simplelife plugin for WordPress
CVE-2014-9394 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: PWGRandom plugin for WordPress
CVE-2014-9393 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Post ...)
- TODO: check
+ NOT-FOR-US: Post to Twitter plugin for WordPress
CVE-2014-9392 (Cross-site request forgery (CSRF) vulnerability in the PictoBrowser ...)
- TODO: check
+ NOT-FOR-US: PictoBrowser plugin for WordPress
CVE-2014-9391 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: gSlideShow plugin for WordPress
CVE-2014-9389 (Directory traversal vulnerability in Sonatype Nexus OSS and Pro before ...)
- TODO: check
+ NOT-FOR-US: Sonatype Nexus OSS and Pro
CVE-2014-9388 (bug_report.php in MantisBT before 1.2.18 allows remote attackers to ...)
{DSA-3120-1}
- mantis <removed>
@@ -1804,7 +1804,7 @@
CVE-2014-9368 (Cross-site request forgery (CSRF) vulnerability in the twitterDash ...)
NOT-FOR-US: WordPress plugin twitterDash
CVE-2014-9367 (Incomplete blacklist vulnerability in the urlEncode function in ...)
- TODO: check
+ NOT-FOR-US: Twiki
CVE-2014-9366
RESERVED
CVE-2014-9493 (The V2 API in OpenStack Image Registry and Delivery Service (Glance) ...)
@@ -1998,7 +1998,7 @@
CVE-2014-9326
RESERVED
CVE-2014-9325 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 ...)
- TODO: check
+ NOT-FOR-US: Twiki
CVE-2014-9324 (The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x ...)
- otrs2 3.3.9-3
[squeeze] - otrs2 <not-affected> (Problematic module got introduced later)
@@ -2159,7 +2159,7 @@
CVE-2014-9255
RESERVED
CVE-2014-9254 (bb_func_unsub.php in MiniBB 3.1 before 20141127 uses an incorrect ...)
- TODO: check
+ NOT-FOR-US: MiniBB
CVE-2014-9253 (The default file type whitelist configuration in conf/mime.conf in the ...)
- dokuwiki <unfixed> (bug #773429)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
@@ -5472,7 +5472,7 @@
CVE-2014-8753
RESERVED
CVE-2014-8752 (Multiple cross-site scripting (XSS) vulnerabilities in view.php in ...)
- TODO: check
+ NOT-FOR-US: JCE-Tech PHP Video Script
CVE-2014-8751 (Multiple cross-site scripting (XSS) vulnerabilities in goYWP WebPress ...)
NOT-FOR-US: goYWP WebPress
CVE-2014-8749 (Server-side request forgery (SSRF) vulnerability in ...)
@@ -6123,19 +6123,19 @@
CVE-2014-8034
RESERVED
CVE-2014-8033 (The play/modules component in Cisco WebEx Meetings Server allows ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-8032 (The OutlookAction LI in Cisco WebEx Meetings Server allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-8031 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-8030 (Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-8029 (Open redirect vulnerability in the web interface in Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-8028 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-8027 (The RBAC component in Cisco Secure Access Control System (ACS) allows ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-8026 (Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco ...)
NOT-FOR-US: Cisco
CVE-2014-8025 (The API in the Guest Server in Cisco Jabber, when HTML5 is used, ...)
@@ -7729,7 +7729,7 @@
CVE-2014-7294 (Open redirect vulnerability in the logon page in NYU OpenSSO ...)
NOT-FOR-US: Ex Libris Patron Directory Services
CVE-2014-7293 (Cross-site scripting (XSS) vulnerability in the logon page in NYU ...)
- TODO: check
+ NOT-FOR-US: NYU OpenSSO Integration for Ex Libris Patron Directory Services
CVE-2014-7292 (Open redirect vulnerability in the Click-Through feature in ...)
NOT-FOR-US: Newtelligence dasBlog
CVE-2014-7291 (Multiple cross-site scripting (XSS) vulnerabilities in api_events.php ...)
@@ -16130,7 +16130,7 @@
CVE-2014-3780 (Unspecified vulnerability in Citrix VDI-In-A-Box 5.3.x before 5.3.8 ...)
NOT-FOR-US: Citrix
CVE-2014-3779 (Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ...)
- TODO: check
+ NOT-FOR-US: ZOHO
CVE-2014-3778 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: ARRIS modem
CVE-2014-3777 (Directory traversal vulnerability in Reportico PHP Report Designer ...)
@@ -16148,7 +16148,7 @@
CVE-2014-3765
RESERVED
CVE-2014-3764 (Cross-site scripting (XSS) vulnerability in the web-based device ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2014-3763
RESERVED
CVE-2014-3762
More information about the Secure-testing-commits
mailing list