[Secure-testing-commits] r32681 - data/CVE
Michael Gilbert
mgilbert at moszumanska.debian.org
Sat Mar 7 05:07:13 UTC 2015
Author: mgilbert
Date: 2015-03-07 05:07:12 +0000 (Sat, 07 Mar 2015)
New Revision: 32681
Modified:
data/CVE/list
Log:
nfus
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-06 21:10:16 UTC (rev 32680)
+++ data/CVE/list 2015-03-07 05:07:12 UTC (rev 32681)
@@ -7,7 +7,7 @@
CVE-2015-2210
RESERVED
CVE-2015-2209 (DLGuard 4.5 allows remote attackers to obtain the installation path ...)
- TODO: check
+ NOT-FOR-US: DLGuard
CVE-2015-2208
RESERVED
CVE-2015-2207
@@ -351,7 +351,7 @@
CVE-2015-2081
RESERVED
CVE-2014-9685 (Multiple cross-site scripting (XSS) vulnerabilities in Vanilla Forums ...)
- TODO: check
+ NOT-FOR-US: Vanilla Forums
CVE-2015-XXXX [potential application crash due to overread in fnmatch]
- glibc <unfixed> (bug #779587)
- eglibc <removed>
@@ -3993,11 +3993,11 @@
CVE-2015-0894
RESERVED
CVE-2015-0893 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka ...)
- TODO: check
+ NOT-FOR-US: Maroyaka
CVE-2015-0892 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka ...)
- TODO: check
+ NOT-FOR-US: Maroyaka
CVE-2015-0891 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka ...)
- TODO: check
+ NOT-FOR-US: Maroyaka
CVE-2015-0890 (The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for ...)
NOT-FOR-US: BestWebSoft plugin for WordPress
CVE-2015-0889 (KENT-WEB Joyful Note before 5.3 allows remote attackers to delete ...)
@@ -6249,9 +6249,9 @@
CVE-2014-9284
RESERVED
CVE-2014-9283 (The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows ...)
- TODO: check
+ NOT-FOR-US: BestWebSoft plugin for WordPress
CVE-2014-9282 (Directory traversal vulnerability in the Speed Root Explorer ...)
- TODO: check
+ NOT-FOR-US: Speed Root Explorer
CVE-2014-9268 (The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) ...)
NOT-FOR-US: Autodesk Design Review
CVE-2014-9267 (Heap-based buffer overflow in the PTC IsoView ActiveX control allows ...)
@@ -7636,7 +7636,7 @@
CVE-2015-0168
RESERVED
CVE-2015-0167 (Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in ...)
- TODO: check
+ NOT-FOR-US: textAngular
CVE-2015-0166
RESERVED
CVE-2015-0165
@@ -8135,7 +8135,7 @@
CVE-2014-8922
RESERVED
CVE-2014-8921 (The IBM Notes Traveler Companion application 1.0 and 1.1 before ...)
- TODO: check
+ NOT-FOR-US: IBM Notes Traveler Companion
CVE-2014-8920 (Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 ...)
NOT-FOR-US: IBM
CVE-2014-8919
@@ -8734,7 +8734,7 @@
CVE-2014-8618
RESERVED
CVE-2014-8617 (Cross-site scripting (XSS) vulnerability in the Web Action Quarantine ...)
- TODO: check
+ NOT-FOR-US: FortiMail
CVE-2014-8616
RESERVED
CVE-2014-8615
@@ -9275,7 +9275,7 @@
CVE-2014-8488 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
NOT-FOR-US: yourls
CVE-2014-8487 (Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and ...)
- TODO: check
+ NOT-FOR-US: Kony Management
CVE-2014-8486
RESERVED
CVE-2014-8482
@@ -10873,7 +10873,7 @@
[squeeze] - chromium-browser <end-of-life>
- icu 52.1-7.1 (bug #776265)
CVE-2014-7922 (The GoogleAuthUtil.getToken method in the Google Play services SDK ...)
- TODO: check
+ NOT-FOR-US: Google Play
CVE-2014-7921
RESERVED
CVE-2014-7920
@@ -10958,7 +10958,7 @@
CVE-2014-7897
RESERVED
CVE-2014-7896 (Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2014-7895
RESERVED
CVE-2014-7894
@@ -10984,7 +10984,7 @@
CVE-2014-7884
RESERVED
CVE-2014-7883 (HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2014-7882 (Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows ...)
NOT-FOR-US: HP SiteScope
CVE-2014-7881 (Cross-site scripting (XSS) vulnerability in the server in HP Insight ...)
@@ -14670,13 +14670,13 @@
CVE-2014-6305
RESERVED
CVE-2014-6304 (The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 ...)
- TODO: check
+ NOT-FOR-US: PNMsoft
CVE-2014-6303 (The Monitoring Administration pages in PNMsoft Sequence Kinetics ...)
- TODO: check
+ NOT-FOR-US: PNMsoft
CVE-2014-6302 (The Monitoring Administration pages in PNMsoft Sequence Kinetics ...)
- TODO: check
+ NOT-FOR-US: PNMsoft
CVE-2014-6301 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: PNMsoft
CVE-2014-6300 (Cross-site scripting (XSS) vulnerability in the micro history ...)
- phpmyadmin 4:4.2.8.1-1
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
@@ -14966,9 +14966,9 @@
CVE-2014-6196 (Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory ...)
NOT-FOR-US: IBM WEF
CVE-2014-6195 (The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli
CVE-2014-6194 (Directory traversal vulnerability in an unspecified web form in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo
CVE-2014-6193 (IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, ...)
NOT-FOR-US: IBM
CVE-2014-6192
@@ -14989,7 +14989,7 @@
NOT-FOR-US: IBM
NOTE: https://www-01.ibm.com/support/docview.wss?uid=swg21695715
CVE-2014-6184 (Stack-based buffer overflow in dsmtca in the client in IBM Tivoli ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli
CVE-2014-6183 (IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before ...)
NOT-FOR-US: IBM Security Network Protection
CVE-2014-6182 (Directory traversal vulnerability in an export function in the Process ...)
@@ -15049,7 +15049,7 @@
CVE-2014-6155 (Multiple directory traversal vulnerabilities in the ServiceRegistry UI ...)
NOT-FOR-US: IBM
CVE-2014-6154 (Directory traversal vulnerability in IBM Optim Performance Manager for ...)
- TODO: check
+ NOT-FOR-US: IBM Optim
CVE-2014-6153 (The Web UI in IBM WebSphere Service Registry and Repository (WSRR) ...)
NOT-FOR-US: IBM
CVE-2014-6152 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli ...)
@@ -15063,7 +15063,7 @@
CVE-2014-6148 (IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 ...)
NOT-FOR-US: IBM Tivoli TADDM
CVE-2014-6147 (IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, ...)
- TODO: check
+ NOT-FOR-US: IBM FSM
CVE-2014-6146 (IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the ...)
NOT-FOR-US: IBM
CVE-2014-6145 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos ...)
@@ -15079,7 +15079,7 @@
CVE-2014-6140 (IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before ...)
NOT-FOR-US: IBM Endpoint Manager Mobile Device Management Components
CVE-2014-6139 (The Search REST API in IBM Business Process Manager 8.0.1.3, 8.5.0.1, ...)
- TODO: check
+ NOT-FOR-US: IBM BPM
CVE-2014-6138 (The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 ...)
NOT-FOR-US: IBM
CVE-2014-6137 (Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page ...)
@@ -15127,11 +15127,11 @@
CVE-2014-6116 (The Telemetry Component in WebSphere MQ 8.0.0.1 before ...)
NOT-FOR-US: IBM WebSphere
CVE-2014-6115 (IBM Rational Insight 1.1.1.5 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: IBM Rational Insight
CVE-2014-6114 (The Hosted Transparent Decision Service in the Rule Execution Server ...)
NOT-FOR-US: IBM WebSphere
CVE-2014-6113 (Cross-site scripting (XSS) vulnerability in the Web Reports component ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli
CVE-2014-6112
RESERVED
CVE-2014-6111
@@ -16922,7 +16922,7 @@
CVE-2014-5287
RESERVED
CVE-2014-5286 (The ActiveMatrix Policy Manager Authentication module in TIBCO ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2014-5285 (Unspecified vulnerability in the Authentication Module in TIBCO ...)
NOT-FOR-US: TIBCO Spotfire Server
CVE-2014-5284 (host-deny.sh in OSSEC before 2.8.1 writes to temporary files with ...)
@@ -25273,7 +25273,7 @@
CVE-2014-2189
RESERVED
CVE-2014-2188 (The Authentication Proxy feature in Cisco IOS does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2014-2187
RESERVED
CVE-2014-2186 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
@@ -69756,7 +69756,6 @@
NOT-FOR-US: Adobe Cold Fusion
CVE-2011-4367 (Multiple directory traversal vulnerabilities in MyFaces JavaServer ...)
- mojarra <undetermined>
- TODO: check
CVE-2011-4366
RESERVED
NOT-FOR-US: ** REJECT ** duplicate of CVE-2011-4090
More information about the Secure-testing-commits
mailing list