[Secure-testing-commits] r34999 - data/CVE
Helmut Grohne
helmutg at moszumanska.debian.org
Thu Jun 18 05:28:55 UTC 2015
Author: helmutg
Date: 2015-06-18 05:28:55 +0000 (Thu, 18 Jun 2015)
New Revision: 34999
Modified:
data/CVE/list
Log:
misc NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-18 05:28:45 UTC (rev 34998)
+++ data/CVE/list 2015-06-18 05:28:55 UTC (rev 34999)
@@ -313,7 +313,7 @@
CVE-2015-4466
RESERVED
CVE-2015-4465 (Cross-site scripting (XSS) vulnerability in the zM Ajax Login & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin zM Ajax Login & Register
CVE-2015-4464
RESERVED
CVE-2015-4463
@@ -473,7 +473,7 @@
CVE-2015-4416
RESERVED
CVE-2015-4415 (Multiple directory traversal vulnerabilities in func.php in Magnifica ...)
- TODO: check
+ NOT-FOR-US: Magnifica Webscripts Anima Gallery
CVE-2015-4414
RESERVED
NOT-FOR-US: WordPress plugin se-html5-album-audio-player
@@ -1231,7 +1231,7 @@
CVE-2015-4109 (Multiple SQL injection vulnerabilities in the ratings module in the ...)
NOT-FOR-US: WordPress plugin users-ultra
CVE-2015-4108 (Multiple cross-site request forgery (CSRF) vulnerabilities in Wing FTP ...)
- TODO: check
+ NOT-FOR-US: Wing FTP Server
CVE-2015-4107
RESERVED
CVE-2015-4106 (QEMU does not properly restrict write access to the PCI config space ...)
@@ -1602,7 +1602,7 @@
CVE-2015-3994 (The grant.xsfunc application in testApps/grantAccess/ in the XS Engine ...)
NOT-FOR-US: SAP HANA DB
CVE-2015-3993 (Actian Matrix 5.1.x through 5.1.2.4 and 5.2.x through 5.2.0.1 allows ...)
- TODO: check
+ NOT-FOR-US: Actian Matrix
CVE-2015-3992
RESERVED
CVE-2015-3991 [strongSwan DoS and potential RCE]
@@ -1728,11 +1728,11 @@
CVE-2015-3952
RESERVED
CVE-2015-3951 (RLE Nova-Wind Turbine HMI devices store cleartext credentials, which ...)
- TODO: check
+ NOT-FOR-US: RLE Nova-Wind Turbines
CVE-2015-3950 (Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on ...)
NOT-FOR-US: XZERES 442SR (wind turbine)
CVE-2015-3949 (Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows ...)
- TODO: check
+ NOT-FOR-US: Sinapsi eSolar Light
CVE-2015-3948
RESERVED
CVE-2015-3947
@@ -1786,7 +1786,7 @@
CVE-2015-3924
RESERVED
CVE-2015-3923 (Coppermine Photo Gallery before 1.5.36 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Coppermine Photo Gallery
CVE-2015-3922 (Open redirect vulnerability in mode.php in Coppermine Photo Gallery ...)
NOT-FOR-US: Coppermine Photo Gallery
CVE-2015-3921 (Cross-site scripting (XSS) vulnerability in contact.php in Coppermine ...)
@@ -4444,7 +4444,7 @@
CVE-2015-2963
RESERVED
CVE-2015-2962 (CGI RESCUE BloBee 1.20 and earlier allows remote attackers to write to ...)
- TODO: check
+ NOT-FOR-US: CGI RESCUE BloBee
CVE-2015-2961 (Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow ...)
NOT-FOR-US: Zoho NetFlow Analyzer
CVE-2015-2960 (Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer ...)
@@ -4452,19 +4452,19 @@
CVE-2015-2959 (Zoho NetFlow Analyzer build 10250 and earlier does not check for ...)
NOT-FOR-US: Zoho NetFlow Analyzer
CVE-2015-2958 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and ...)
- TODO: check
+ NOT-FOR-US: Igreks MilkyStep
CVE-2015-2957 (Cross-site scripting (XSS) vulnerability in Igreks MilkyStep Light ...)
- TODO: check
+ NOT-FOR-US: Igreks MilkyStep
CVE-2015-2956 (SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier ...)
- TODO: check
+ NOT-FOR-US: Igreks MilkyStep
CVE-2015-2955 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and ...)
- TODO: check
+ NOT-FOR-US: Igreks MilkyStep
CVE-2015-2954 (Cross-site request forgery (CSRF) vulnerability in Igreks MilkyStep ...)
- TODO: check
+ NOT-FOR-US: Igreks MilkyStep
CVE-2015-2953 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and ...)
- TODO: check
+ NOT-FOR-US: Igreks MilkyStep
CVE-2015-2952 (The user-information management functionality in Igreks MilkyStep ...)
- TODO: check
+ NOT-FOR-US: Igreks MilkyStep
CVE-2015-2951 (JWT.php in F21 JWT before 2.0 allows remote attackers to bypass ...)
NOT-FOR-US: PHP JWT aibrary
CVE-2015-2950 (Directory traversal vulnerability in the Brandon Bowles Open Explorer ...)
@@ -6077,17 +6077,17 @@
CVE-2015-2342
RESERVED
CVE-2015-2341 (VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2015-2340 (TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2015-2339 (TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2015-2338 (TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2015-2337 (TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2015-2336 (TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2015-2335 (A JSON library in MyBB (aka MyBulletinBoard) before 1.8.4 allows ...)
NOT-FOR-US: MyBB
CVE-2015-2334 (Cross-site request forgery (CSRF) vulnerability in the Admin Control ...)
@@ -15992,15 +15992,15 @@
CVE-2014-8608 (The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) ...)
NOT-FOR-US: K7 Computing
CVE-2014-8607 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides ...)
- TODO: check
+ NOT-FOR-US: XCloner plugin for WordPress and Joomla!
CVE-2014-8606 (Directory traversal vulnerability in the XCloner plugin 3.1.1 for ...)
- TODO: check
+ NOT-FOR-US: XCloner plugin for WordPress and Joomla!
CVE-2014-8605 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores ...)
- TODO: check
+ NOT-FOR-US: XCloner plugin for WordPress and Joomla!
CVE-2014-8604 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns ...)
- TODO: check
+ NOT-FOR-US: XCloner plugin for WordPress and Joomla!
CVE-2014-8603 (cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and ...)
- TODO: check
+ NOT-FOR-US: XCloner plugin for WordPress and Joomla!
CVE-2014-8602 (iterator.c in NLnet Labs Unbound before 1.5.1 does not limit ...)
{DSA-3097-1 DLA-107-1}
- unbound 1.4.22-3 (bug #772622)
@@ -62967,7 +62967,7 @@
CVE-2012-4717
RESERVED
CVE-2012-4716 (N-Tron 702-W Industrial Wireless Access Point devices use the same (1) ...)
- TODO: check
+ NOT-FOR-US: N-Tron 702-W Industrial Wireless Access Point
CVE-2012-4715 (Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx ...)
NOT-FOR-US: Rockwell Automation RSLinx Enterprise
CVE-2012-4714 (Integer overflow in RNADiagnostics.dll in Rockwell Automation ...)
More information about the Secure-testing-commits
mailing list