[Secure-testing-commits] r32613 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 3 17:17:43 UTC 2015
Author: carnil
Date: 2015-03-03 17:17:43 +0000 (Tue, 03 Mar 2015)
New Revision: 32613
Modified:
data/CVE/list
Log:
Process couple of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-03 17:15:13 UTC (rev 32612)
+++ data/CVE/list 2015-03-03 17:17:43 UTC (rev 32613)
@@ -203,9 +203,9 @@
CVE-2015-2092
RESERVED
CVE-2015-2090 (SQL injection vulnerability in the ajax_survey function in ...)
- TODO: check
+ NOT-FOR-US: ajax_survey function in settings.php in the WordPress Survey and Poll plugin for WordPress
CVE-2015-2089 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin for WordPress
CVE-2015-2088 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
TODO: check
CVE-2015-2087 (Unrestricted file upload vulnerability in the Avatar Uploader module ...)
@@ -234,7 +234,7 @@
CVE-2015-2085
RESERVED
CVE-2015-2084 (Cross-site request forgery (CSRF) vulnerability in the Easy Social ...)
- TODO: check
+ NOT-FOR-US: Easy Social Icons plugin for WordPress
CVE-2015-2083 (Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows ...)
TODO: check
CVE-2015-2082 (Cross-site scripting (XSS) vulnerability in Login.aspx in UNIT4 ...)
@@ -278,7 +278,7 @@
CVE-2015-2070 (SQL injection vulnerability in eTouch SamePage Enterprise Edition ...)
TODO: check
CVE-2015-2069 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin ...)
- TODO: check
+ NOT-FOR-US: WooCommerce plugin for WordPress
CVE-2015-2068 (Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka ...)
TODO: check
CVE-2015-2067 (Directory traversal vulnerability in web/ajax_pluginconf.php in the ...)
@@ -286,7 +286,7 @@
CVE-2015-2066 (SQL injection vulnerability in DLGuard 4.5 allows remote attackers to ...)
TODO: check
CVE-2015-2065 (SQL injection vulnerability in videogalleryrss.php in the Apptha ...)
- TODO: check
+ NOT-FOR-US: Apptha WordPress Video Gallery (contus-video-gallery) plugin for WordPress
CVE-2015-2064 (Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, ...)
TODO: check
CVE-2015-2080 [Jetty remote unauthenticated credential exposure]
@@ -327,9 +327,9 @@
CVE-2015-2043 (Multiple cross-site scripting (XSS) vulnerabilities in Visualware ...)
TODO: check
CVE-2015-2040 (Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka ...)
- TODO: check
+ NOT-FOR-US: Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin for WordPress
CVE-2015-2039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: Acobot Live Chat & Contact Form plugin for WordPress
CVE-2015-XXXX [_IO_wstr_overflow integer overflow]
- eglibc <removed>
- glibc <unfixed> (bug #779587)
@@ -664,7 +664,7 @@
CVE-2015-1880
RESERVED
CVE-2015-1879 (Cross-site scripting (XSS) vulnerability in the Google Doc Embedder ...)
- TODO: check
+ NOT-FOR-US: Google Doc Embedder plugin for WordPress
CVE-2015-2042 [incorrect data type in rds_sysctl_rds_table]
RESERVED
- linux <unfixed>
More information about the Secure-testing-commits
mailing list