[Secure-testing-commits] r34483 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon May 25 05:38:22 UTC 2015


Author: carnil
Date: 2015-05-25 05:38:22 +0000 (Mon, 25 May 2015)
New Revision: 34483

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-25 05:10:34 UTC (rev 34482)
+++ data/CVE/list	2015-05-25 05:38:22 UTC (rev 34483)
@@ -213,7 +213,7 @@
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74
 	NOTE: http://www.openwall.com/lists/oss-security/2015/05/17/2 and http://www.openwall.com/lists/oss-security/2015/05/18/2
 CVE-2015-3987 (Multiple unquoted Windows search path vulnerabilities in the (1) ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2015-3986 (Cross-site request forgery (CSRF) vulnerability in the TheCartPress ...)
 	NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
 CVE-2015-3985
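Review bot: The new "NOT-FOR-US: McAfee" note for CVE-2015-3987 names only the vendor, although the description enumerates several components ("(1) ...") and the neighbouring CVE-2015-3986 entry spells out the full product. Suggest naming the affected McAfee product in the note so that a later search of the list by product name finds this entry.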
@@ -2358,7 +2358,7 @@
 	RESERVED
 	NOT-FOR-US: abrt is Red Hat / Fedora specific
 CVE-2015-3141 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Synametrics Technologies Xeams
 CVE-2015-3140
 	RESERVED
 CVE-2015-3139
@@ -2572,7 +2572,7 @@
 CVE-2015-3037
 	RESERVED
 CVE-2015-3036 (Stack-based buffer overflow in the run_init_sbus function in the ...)
-	TODO: check
+	NOT-FOR-US: KCodes NetUSB module for the Linux kernel
 CVE-2015-3035 (Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with ...)
 	NOT-FOR-US: TP-LINK Router
 CVE-2015-3034
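Review bot: In the CVE-2015-3036 entry, "KCodes NetUSB module for the Linux kernel" can be read as touching the kernel Debian ships. If the reason for NOT-FOR-US is that this module is not part of the packaged kernel source, state that in the note, for example "KCodes NetUSB (kernel module not shipped in src:linux)", so nobody re-triages it against the linux package.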
@@ -4415,7 +4415,7 @@
 CVE-2015-2347 (Cross-site scripting (XSS) vulnerability in Huawei SEQ Analyst before ...)
 	NOT-FOR-US: Huawei SEQ Analyst
 CVE-2015-2346 (XML external entity (XXE) in Huawei SEQ Analyst before ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2015-2345
 	RESERVED
 CVE-2015-2344
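Review bot: CVE-2015-2346 is tagged "NOT-FOR-US: Huawei" while CVE-2015-2347, two lines above and for the same product, carries "NOT-FOR-US: Huawei SEQ Analyst". Use the product-level note on both entries so the two stay consistent and a grep for the product returns both CVEs.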
@@ -4840,7 +4840,7 @@
 CVE-2015-2251
 	RESERVED
 CVE-2015-2250 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
-	TODO: check
+	NOT-FOR-US: concrete5
 CVE-2015-2249
 	RESERVED
 CVE-2015-2248 (Cross-site request forgery (CSRF) vulnerability in the user portal in ...)
@@ -5709,7 +5709,7 @@
 CVE-2015-1921
 	RESERVED
 CVE-2015-1920 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1919
 	RESERVED
 CVE-2015-1918
@@ -5745,9 +5745,9 @@
 CVE-2015-1904
 	RESERVED
 CVE-2015-1903 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1902 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1901
 	RESERVED
 CVE-2015-1900
@@ -8133,7 +8133,7 @@
 CVE-2015-1189
 	RESERVED
 CVE-2015-1188 (The certificate verification functions in the HNDS service in Swisscom ...)
-	TODO: check
+	NOT-FOR-US: Swisscom Centro Grande DSL router
 CVE-2015-1187
 	RESERVED
 	NOT-FOR-US: D-Link
@@ -9267,7 +9267,7 @@
 CVE-2015-0916 (SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows ...)
 	- cacti 0.8.6f-1
 CVE-2015-0915 (Cross-site scripting (XSS) vulnerability in RAKUS MailDealer 11.2.1 ...)
-	TODO: check
+	NOT-FOR-US: RAKUS MailDealer
 CVE-2015-0914 (EasyCTF before 1.4 does not validate the session ID, which allows ...)
 	NOT-FOR-US: EasyCTF
 CVE-2015-0913 (Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows ...)
@@ -9738,7 +9738,7 @@
 CVE-2015-0747
 	RESERVED
 CVE-2015-0746 (The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco Access Control Server
 CVE-2015-0745
 	RESERVED
 CVE-2015-0744
@@ -9746,45 +9746,45 @@
 CVE-2015-0743
 	RESERVED
 CVE-2015-0742 (The Protocol Independent Multicast (PIM) application in Cisco Adaptive ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0741 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0740 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0739 (The Lights-Out Management (LOM) implementation in Cisco FireSIGHT ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0738 (Cross-site scripting (XSS) vulnerability in the Web Tracking Report ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0737
 	RESERVED
 CVE-2015-0736 (Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0735 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0734 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0733
 	RESERVED
 CVE-2015-0732
 	RESERVED
 CVE-2015-0731 (The ISDN implementation in Cisco IOS 15.3S allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0730 (The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0729 (Cross-site scripting (XSS) vulnerability in Cisco Secure Access ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0728 (Cross-site scripting (XSS) vulnerability in Cisco Access Control ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0727 (Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0726 (The web administration interface on Cisco Wireless LAN Controller ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0725
 	RESERVED
 CVE-2015-0724 (Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0723 (The wireless web-authentication subsystem on Cisco Wireless LAN ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0722
 	RESERVED
 CVE-2015-0721
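Review bot: For CVE-2015-0724 the visible description names "dncs 7.0.0.12" and no Cisco product, so "NOT-FOR-US: Cisco" gives no hint why the entry was classified this way. Naming the product next to the vendor would make the decision checkable from the list alone. The same applies, less urgently, to the other bare "Cisco" notes in this hunk, given that CVE-2015-0746 in the previous hunk received the product-level note "Cisco Access Control Server".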
@@ -9796,7 +9796,7 @@
 CVE-2015-0718
 	RESERVED
 CVE-2015-0717 (Cisco Unified Communications Manager 10.0(1.10000.12) allows local ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0716 (Cross-site request forgery (CSRF) vulnerability in the CUCReports page ...)
 	NOT-FOR-US: Cisco Unity Connection
 CVE-2015-0715 (SQL injection vulnerability in the administrative web interface in ...)
@@ -9962,7 +9962,7 @@
 CVE-2015-0635 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0634 (Cross-site scripting (XSS) vulnerability in the administrative ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0633 (The Integrated Management Controller (IMC) in Cisco Unified Computing ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0632 (Race condition in the Neighbor Discovery (ND) protocol implementation ...)
@@ -11881,7 +11881,7 @@
 CVE-2014-9205 (Stack-based buffer overflow in the PmBase64Decode function in an ...)
 	NOT-FOR-US: MICROSYS PROMOTIC
 CVE-2014-9204 (Stack-based buffer overflow in OPCTest.exe in Rockwell Automation ...)
-	TODO: check
+	NOT-FOR-US: OPCTest.exe in Rockwell Automation RSLinx Classic
 CVE-2014-9203 (Buffer overflow in the Field Device Tool (FDT) Frame application in ...)
 	NOT-FOR-US: HART Device Type Manager (DTM) library
 CVE-2014-9202
@@ -13127,7 +13127,7 @@
 CVE-2015-0190
 	RESERVED
 CVE-2015-0189 (The cluster repository manager in IBM WebSphere MQ 7.5 before 7.5.0.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0188
 	RESERVED
 CVE-2015-0187
@@ -13660,7 +13660,7 @@
 CVE-2014-8925 (Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in ...)
 	NOT-FOR-US: IBM
 CVE-2014-8924 (The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-8923 (The (1) IBM Tivoli Identity Manager Active Directory adapter before ...)
 	NOT-FOR-US: IBM
 CVE-2014-8922
@@ -15076,9 +15076,9 @@
 CVE-2014-8385 (Buffer overflow on Advantech EKI-1200 gateways with firmware before ...)
 	NOT-FOR-US: Advantech EKI-1200 gateways
 CVE-2014-8384 (The InFocus IN3128HD projector with firmware 0.26 does not restrict ...)
-	TODO: check
+	NOT-FOR-US: InFocus IN3128HD projector
 CVE-2014-8383 (The InFocus IN3128HD projector with firmware 0.26 allows remote ...)
-	TODO: check
+	NOT-FOR-US: InFocus IN3128HD projector
 CVE-2014-8382
 	RESERVED
 CVE-2014-8381 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
@@ -20522,7 +20522,7 @@
 CVE-2014-6212 (The Echo API in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 ...)
 	NOT-FOR-US: IBM
 CVE-2014-6211 (The command-line scripts in IBM WebSphere Commerce 6.0 through ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-6210 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 ...)
 	NOT-FOR-US: IBM
 CVE-2014-6209 (IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 ...)
@@ -23852,7 +23852,7 @@
 CVE-2014-4777
 	RESERVED
 CVE-2014-4776 (IBM License Metric Tool 9 before 9.1.0.2 does not have an off ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-4775 (IBM InfoSphere Master Data Management - Collaborative Edition 10.x ...)
 	NOT-FOR-US: IBM
 CVE-2014-4774
@@ -31646,11 +31646,11 @@
 CVE-2014-1903 (admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, ...)
 	- freepbx <itp> (bug #464926)
 CVE-2014-1902 (Multiple cross-site scripting (XSS) vulnerabilities in Y-Cam camera ...)
-	TODO: check
+	NOT-FOR-US: Y-Cam cameras
 CVE-2014-1901 (Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range ...)
-	TODO: check
+	NOT-FOR-US: Y-Cam cameras
 CVE-2014-1900 (Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range ...)
-	TODO: check
+	NOT-FOR-US: Y-Cam cameras
 CVE-2014-1899 (Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway ...)
 	NOT-FOR-US: Citrix NetScaler Gateway
 CVE-2014-1898
@@ -65314,7 +65314,7 @@
 CVE-2012-3244
 	RESERVED
 CVE-2012-3243 (Cross-site scripting (XSS) vulnerability in the SEOgento plugin for ...)
-	TODO: check
+	NOT-FOR-US: SEOgento plugin for Magento
 CVE-2012-3242
 	RESERVED
 CVE-2012-3241 (The VMware Broker in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 does not ...)
@@ -68556,7 +68556,7 @@
 CVE-2012-1979 (Cross-site scripting (XSS) vulnerability in starnet/index.php in ...)
 	NOT-FOR-US: SyndeoCMS
 CVE-2012-1978 (Multiple cross-site request forgery (CSRF) vulnerabilities in Simple ...)
-	TODO: check
+	NOT-FOR-US: Simple PHP Agenda
 CVE-2012-1977 (WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of ...)
 	NOT-FOR-US: WellinTech KingSCADA
 CVE-2012-1976 (Use-after-free vulnerability in the ...)



