[Secure-testing-commits] r35314 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jul 4 13:11:45 UTC 2015
Author: carnil
Date: 2015-07-04 13:11:44 +0000 (Sat, 04 Jul 2015)
New Revision: 35314
Modified:
data/CVE/list
Log:
Process NFUs from TODO list
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-04 12:55:11 UTC (rev 35313)
+++ data/CVE/list 2015-07-04 13:11:44 UTC (rev 35314)
@@ -423,11 +423,11 @@
CVE-2015-5151 (Cross-site scripting (XSS) vulnerability in the Slider Revolution ...)
NOT-FOR-US: Slider Revolution (revslider) plugin for WordPress
CVE-2015-5150 (Multiple cross-site scripting (XSS) vulnerabilities in Zoho ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine SupportCenter Plus
CVE-2015-5149 (Directory traversal vulnerability in Zoho ManageEngine SupportCenter ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine SupportCenter Plus
CVE-2015-5148 (SQL injection vulnerability in LivelyCart 1.2.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: LivelyCart
CVE-2015-5145
RESERVED
CVE-2015-5144
@@ -2407,29 +2407,29 @@
CVE-2015-4228
RESERVED
CVE-2015-4227 (Memory leak in Cisco Headend System Release allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4226 (The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4225 (Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4224 (Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4223 (Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4222 (SQL injection vulnerability in Cisco Unified Communications Manager IM ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4221 (Cisco Unified Communications Manager IM and Presence Service 9.1(1) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4220 (Cross-site scripting (XSS) vulnerability in Cisco Unified Presence ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4219 (Cisco Secure Access Control System before 5.4(0.46.2) and 5.5 before ...)
NOT-FOR-US: Cisco
CVE-2015-4218 (The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 ...)
NOT-FOR-US: Cisco Jabber
CVE-2015-4217 (The remote-support feature on Cisco Web Security Virtual Appliance ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4216 (The remote-support feature on Cisco Web Security Virtual Appliance ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4215 (Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) ...)
NOT-FOR-US: Cisco
CVE-2015-4214 (Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote ...)
@@ -2463,7 +2463,7 @@
CVE-2015-4200 (Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in ...)
NOT-FOR-US: Cisco IOS
CVE-2015-4199 (Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4198 (Cross-site scripting (XSS) vulnerability in the web framework on Cisco ...)
NOT-FOR-US: Cisco
CVE-2015-4197 (Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to ...)
@@ -2505,7 +2505,7 @@
CVE-2015-4175
RESERVED
CVE-2015-4174 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
- TODO: check
+ NOT-FOR-US: Siemens Climatix BACnet/IP communication module
CVE-2015-4173
RESERVED
CVE-2010-5324 (Directory traversal vulnerability in UploadServlet in the Remote ...)
@@ -6099,7 +6099,7 @@
CVE-2015-2966 (Directory traversal vulnerability in the Droidware UK Explorer+ File ...)
TODO: check
CVE-2015-2965 (Directory traversal vulnerability in osCommerce Japanese 2.2ms1j-R8 ...)
- TODO: check
+ NOT-FOR-US: osCommerce Japanese
CVE-2015-2964
RESERVED
CVE-2015-2963
@@ -8954,7 +8954,7 @@
CVE-2015-2020
RESERVED
CVE-2015-2019 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-2018
RESERVED
CVE-2015-2017
@@ -9020,7 +9020,7 @@
CVE-2015-1987
RESERVED
CVE-2015-1986 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1985
RESERVED
CVE-2015-1984
@@ -9030,13 +9030,13 @@
CVE-2015-1982
RESERVED
CVE-2015-1981 (Cross-site scripting (XSS) vulnerability in the web server in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1980
RESERVED
CVE-2015-1979
RESERVED
CVE-2015-1978 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1977
RESERVED
CVE-2015-1976
@@ -9044,11 +9044,11 @@
CVE-2015-1975
RESERVED
CVE-2015-1974 (The web administration tool in IBM Tivoli Security Directory Server ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1973
RESERVED
CVE-2015-1972 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1971
RESERVED
CVE-2015-1970
@@ -9058,23 +9058,23 @@
CVE-2015-1968
RESERVED
CVE-2015-1967 (MQ Explorer in IBM WebSphere MQ before 8.0.0.3 does not recognize the ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1966
RESERVED
CVE-2015-1965 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1964 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1963 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1962 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1961
RESERVED
CVE-2015-1960
RESERVED
CVE-2015-1959 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1958
RESERVED
CVE-2015-1957
@@ -9084,19 +9084,19 @@
CVE-2015-1955
RESERVED
CVE-2015-1954 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1953 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1952
RESERVED
CVE-2015-1951 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1950 (IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1949 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1948 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1947
RESERVED
CVE-2015-1946
@@ -9108,15 +9108,15 @@
CVE-2015-1943
RESERVED
CVE-2015-1942 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1941 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1940
RESERVED
CVE-2015-1939
RESERVED
CVE-2015-1938 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1937 (IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and ...)
NOT-FOR-US: IBM PowerVC
CVE-2015-1936
@@ -9132,9 +9132,9 @@
CVE-2015-1931
RESERVED
CVE-2015-1930 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1929 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1928
RESERVED
CVE-2015-1927
@@ -9142,11 +9142,11 @@
CVE-2015-1926
RESERVED
CVE-2015-1925 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1924 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1923 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1922
RESERVED
CVE-2015-1921 (Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before ...)
@@ -9154,7 +9154,7 @@
CVE-2015-1920 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 ...)
NOT-FOR-US: IBM
CVE-2015-1919 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1918
RESERVED
CVE-2015-1917
@@ -9168,7 +9168,7 @@
RESERVED
NOT-FOR-US: IBM JDK
CVE-2015-1913 (Rational Test Control Panel in IBM Rational Test Workbench and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1912
RESERVED
CVE-2015-1911 (Cross-site scripting (XSS) vulnerability in Sterling Order Management ...)
@@ -9192,9 +9192,9 @@
CVE-2015-1902 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
NOT-FOR-US: IBM
CVE-2015-1901 (The installer in IBM InfoSphere Information Server 8.5 through 11.3 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1900 (IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1899 (IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause ...)
NOT-FOR-US: IBM
CVE-2015-1898 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
@@ -9226,7 +9226,7 @@
CVE-2015-1885 (WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2015-1884 (Directory traversal vulnerability in IBM Business Process Manager ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1883
RESERVED
CVE-2015-1882 (Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 ...)
@@ -10386,7 +10386,7 @@
CVE-2015-1486
RESERVED
CVE-2015-1485 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
- TODO: check
+ NOT-FOR-US: Enforce Server in Symantec Data Loss Prevention
CVE-2015-1484 (Unquoted Windows search path vulnerability in the agent in Symantec ...)
NOT-FOR-US: Symantec Workspace Streaming
CVE-2015-1483 (Symantec NetBackup OpsCenter 7.6.0.2 through 7.6.1 on Linux and UNIX ...)
@@ -12354,7 +12354,7 @@
CVE-2015-0990 (Untrusted search path vulnerability in Ecava IntegraXor SCADA Server ...)
NOT-FOR-US: Ecava IntegraXor SCADA Server
CVE-2015-0989 (PACTware 4.1 SP3 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: PACTware
CVE-2015-0988
RESERVED
CVE-2015-0987
@@ -15368,7 +15368,7 @@
CVE-2014-9231
RESERVED
CVE-2014-9230 (Cross-site scripting (XSS) vulnerability in the administration console ...)
- TODO: check
+ NOT-FOR-US: Enforce Server in Symantec Data Loss Prevention
CVE-2014-9229
RESERVED
CVE-2014-9228
@@ -16639,7 +16639,7 @@
CVE-2015-0197 (IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 ...)
NOT-FOR-US: IBM General Parallel File System
CVE-2015-0196 (CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0195
RESERVED
CVE-2015-0194
@@ -16686,7 +16686,7 @@
CVE-2015-0174 (The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2015-0173 (The HTTP connection-management functionality in Internet Pass-Thru ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0172
RESERVED
CVE-2015-0171 (Directory traversal vulnerability in IBM Security SiteProtector System ...)
@@ -16770,7 +16770,7 @@
CVE-2015-0132 (The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 ...)
NOT-FOR-US: IBM
CVE-2015-0131 (Cross-site scripting (XSS) vulnerability in IBM Leads 7.x, 8.1.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0130
RESERVED
CVE-2015-0129 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
@@ -16778,9 +16778,9 @@
CVE-2015-0128 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
NOT-FOR-US: IBM Rational Quality Manager
CVE-2015-0127 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0126 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0125 (Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next ...)
NOT-FOR-US: IBM Rational DOORS Next Generation
CVE-2015-0124 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
@@ -16796,13 +16796,13 @@
CVE-2015-0119 (FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before ...)
NOT-FOR-US: IBM Tivoli Storage Manager FastBack
CVE-2015-0118 (IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0117 (The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x ...)
NOT-FOR-US: IBM Domino
CVE-2015-0116 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0115 (Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0114
RESERVED
CVE-2015-0113 (The Jazz help system in IBM Rational Collaborative Lifecycle ...)
@@ -24083,7 +24083,7 @@
CVE-2014-6199 (The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x ...)
NOT-FOR-US: IBM
CVE-2014-6198 (Cross-site request forgery (CSRF) vulnerability in IBM Security ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6197 (IBM Security Network Protection 5.1.x and 5.2.x before 5.2.0.0 FP5 and ...)
NOT-FOR-US: IBM
CVE-2014-6196 (Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory ...)
@@ -27401,7 +27401,7 @@
CVE-2014-4769 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 ...)
NOT-FOR-US: IBM
CVE-2014-4768 (IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-4767 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-4766 (IBM Sametime Classic Meeting Server 8.0.x and 8.5.x allows remote ...)
More information about the Secure-testing-commits
mailing list