[Secure-testing-commits] r40219 - data/CVE
Michael Gilbert
mgilbert at moszumanska.debian.org
Tue Mar 8 05:26:32 UTC 2016
Author: mgilbert
Date: 2016-03-08 05:26:32 +0000 (Tue, 08 Mar 2016)
New Revision: 40219
Modified:
data/CVE/list
Log:
nfus
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-08 05:24:05 UTC (rev 40218)
+++ data/CVE/list 2016-03-08 05:26:32 UTC (rev 40219)
@@ -1335,7 +1335,7 @@
CVE-2016-2399
RESERVED
CVE-2016-2398 (Comcast XFINITY Home Security System does not properly maintain ...)
- TODO: check
+ NOT-FOR-US: XFINITY
CVE-2016-2397 (The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA ...)
NOT-FOR-US: Dell
CVE-2016-2396 (The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, ...)
@@ -1791,9 +1791,9 @@
CVE-2016-2280
RESERVED
CVE-2016-2279 (Cross-site scripting (XSS) vulnerability in the web server in Rockwell ...)
- TODO: check
+ NOT-FOR-US: CompactLogix
CVE-2016-2278 (Schneider Electric Struxureware Building Operations Automation Server ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2016-2277
RESERVED
CVE-2016-2276
@@ -2005,7 +2005,7 @@
CVE-2016-2215
RESERVED
CVE-2016-2214 (Cross-site scripting (XSS) vulnerability in an unspecified portal ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-2212
RESERVED
CVE-2016-2211
@@ -2643,7 +2643,7 @@
[squeeze] - python-django <not-affected> (Only affects 1.9)
NOTE: https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/
CVE-2016-2046 (Cross-site scripting (XSS) vulnerability in the UserPortal page in ...)
- TODO: check
+ NOT-FOR-US: SOPHOS
CVE-2016-2045 (Cross-site scripting (XSS) vulnerability in the SQL editor in ...)
- phpmyadmin 4:4.5.4-1
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
@@ -3051,7 +3051,7 @@
NOTE: https://bugs.linuxfoundation.org/show_bug.cgi?id=1336
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7431
CVE-2016-1926 (Cross-site scripting (XSS) vulnerability in the charts module in ...)
- TODO: check
+ NOT-FOR-US: Greenbone Security Assistant
CVE-2016-1921
RESERVED
CVE-2016-1918
@@ -3065,7 +3065,7 @@
CVE-2016-1914
RESERVED
CVE-2016-1913 (Multiple cross-site scripting (XSS) vulnerabilities in the Redhen ...)
- TODO: check
+ NOT-FOR-US: Redhen module for Drupal
CVE-2016-1912 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ...)
- dolibarr 3.5.8+dfsg1-1 (bug #812496)
[jessie] - dolibarr <no-dsa> (Minor issue)
@@ -3075,7 +3075,7 @@
CVE-2016-1910 (The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers ...)
NOT-FOR-US: SAP
CVE-2016-1909 (FortiOS 4.x before 4.3.17 and 5.0.x before 5.0.8 has a hardcoded ...)
- TODO: check
+ NOT-FOR-US: FortiOS
CVE-2015-8775
RESERVED
CVE-2015-8774
@@ -4042,7 +4042,7 @@
CVE-2016-1566
RESERVED
CVE-2016-1565 (Cross-site scripting (XSS) vulnerability in the Field Group module ...)
- TODO: check
+ NOT-FOR-US: Field Group module for Drupal
CVE-2015-8768
RESERVED
NOT-FOR-US: Click package manager
@@ -4050,9 +4050,9 @@
CVE-2015-8766 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2015-8765 (Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2015-8761 (The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly ...)
- TODO: check
+ NOT-FOR-US: Values module for Drupal
CVE-2015-8760 (The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote ...)
TODO: check
CVE-2015-8759 (Cross-site scripting (XSS) vulnerability in the typoLink function in ...)
@@ -4066,9 +4066,9 @@
CVE-2015-8755 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
TODO: check
CVE-2015-8754 (The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote ...)
- TODO: check
+ NOT-FOR-US: Mollom module for Drupal
CVE-2015-8753 (SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization ...)
- TODO: check
+ NOT-FOR-US: SAP Afaria
CVE-2015-8752
RESERVED
CVE-2016-1714 [nvram: OOB r/w access in processing firmware configurations]
@@ -4324,17 +4324,17 @@
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-001
CVE-2016-1493 (Intel Driver Update Utility before 2.4 retrieves driver updates in ...)
- TODO: check
+ NOT-FOR-US: Intel Driver Update Utility
CVE-2016-1492 (The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2016-1491 (The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2016-1490 (The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2016-1489 (Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2016-1488 (Cross-site scripting (XSS) vulnerability in the login form in the ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2016-1487
RESERVED
CVE-2016-1486
@@ -4592,17 +4592,17 @@
CVE-2016-1360
RESERVED
CVE-2016-1359 (Cisco Prime Infrastructure 3.0 allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1358 (Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1357 (The password-management administration component in Cisco Policy Suite ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1356 (Cisco FireSIGHT System Software 6.1.0 does not use a constant-time ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1355 (Cross-site scripting (XSS) vulnerability in the Device Management UI ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1354 (Cross-site scripting (XSS) vulnerability in Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1353 (The TCP implementation in Cisco Videoscape Distribution Suite for ...)
NOT-FOR-US: Cisco Videoscape Distribution Suite
CVE-2016-1352
@@ -4626,7 +4626,7 @@
CVE-2016-1343
RESERVED
CVE-2016-1342 (The device login page in Cisco FirePOWER Management Center 5.3 through ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1341 (Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 ...)
NOT-FOR-US: Cisco
CVE-2016-1340
@@ -4688,43 +4688,43 @@
CVE-2016-1312
RESERVED
CVE-2016-1311 (Cross-site scripting (XSS) vulnerability in the management interface ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1310 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1309 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1308 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1307 (The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1306 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1305 (Cross-site scripting (XSS) vulnerability in Cisco Application Policy ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1304 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1303 (The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1302 (Cisco Application Policy Infrastructure Controller (APIC) devices with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1301 (The RBAC implementation in Cisco ASA-CX Content-Aware Security ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1300 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1299 (The web-management GUI implementation on Cisco Small Business SG300 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1298 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1297 (The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1296 (The proxy engine on Cisco Web Security Appliance (WSA) devices with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1295 (Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1294 (Cross-site scripting (XSS) vulnerability in the Management Center in ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1293 (Multiple cross-site scripting (XSS) vulnerabilities in the Management ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2016-1292
RESERVED
CVE-2016-1291
@@ -5179,19 +5179,19 @@
CVE-2016-1263
RESERVED
CVE-2016-1262 (Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2016-1261
RESERVED
CVE-2016-1260 (Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2016-1259
RESERVED
CVE-2016-1258 (Embedthis Appweb, as used in J-Web in Juniper Junos OS before ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2016-1257 (The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2016-1256 (Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2015-8706
RESERVED
CVE-2015-8705 (buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug ...)
@@ -5429,15 +5429,15 @@
CVE-2016-1159
RESERVED
CVE-2016-1158 (Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH ...)
- TODO: check
+ NOT-FOR-US: Corega
CVE-2016-1157 (Cross-site scripting (XSS) vulnerability in log_chat.cgi in Script* ...)
- TODO: check
+ NOT-FOR-US: Log-Chat
CVE-2016-1156 (LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X ...)
- TODO: check
+ NOT-FOR-US: LINE
CVE-2016-1155
RESERVED
CVE-2016-1154 (SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in ...)
- TODO: check
+ NOT-FOR-US: Cuore EC-CUBE
CVE-2016-1153 (customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote ...)
NOT-FOR-US: Cybozu Office
CVE-2016-1152 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users ...)
@@ -5455,35 +5455,35 @@
CVE-2016-1146
RESERVED
CVE-2016-1145 (Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER ...)
- TODO: check
+ NOT-FOR-US: NEC EXPRESSCLUSTER
CVE-2016-1144 (Cross-site scripting (XSS) vulnerability in JOB-CUBE -JOB WEB SYSTEM ...)
- TODO: check
+ NOT-FOR-US: High Income
CVE-2016-1143 (Cross-site scripting (XSS) vulnerability in main.rb in Vine MV before ...)
- TODO: check
+ NOT-FOR-US: Vine MV
CVE-2016-1142 (Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows ...)
- TODO: check
+ NOT-FOR-US: Seeds acmailer
CVE-2016-1141 (KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users ...)
- TODO: check
+ NOT-FOR-US: KDDI HOME SPOT CUBE
CVE-2016-1140 (KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct ...)
- TODO: check
+ NOT-FOR-US: KDDI HOME SPOT CUBE
CVE-2016-1139 (Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE ...)
- TODO: check
+ NOT-FOR-US: KDDI HOME SPOT CUBE
CVE-2016-1138 (CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 ...)
- TODO: check
+ NOT-FOR-US: KDDI HOME SPOT CUBE
CVE-2016-1137 (Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 ...)
- TODO: check
+ NOT-FOR-US: KDDI HOME SPOT CUBE
CVE-2016-1136 (Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE ...)
- TODO: check
+ NOT-FOR-US: KDDI HOME SPOT CUBE
CVE-2016-1135 (Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices ...)
- TODO: check
+ NOT-FOR-US: BUFFALO
CVE-2016-1134 (Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 ...)
- TODO: check
+ NOT-FOR-US: BUFFALO
CVE-2016-1133 (CRLF injection vulnerability in the on_req function in ...)
- TODO: check
+ NOT-FOR-US: H2O
CVE-2016-1132
RESERVED
CVE-2016-1131 (Buffer overflow in the CL_vsprintf function in Takumi Yamada DX ...)
- TODO: check
+ NOT-FOR-US: Takumi Yamada
CVE-2015-8698
RESERVED
CVE-2015-8696
@@ -5533,13 +5533,13 @@
CVE-2015-8676
RESERVED
CVE-2015-8675 (Huawei S5300 Campus Series switches with software before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8674
RESERVED
CVE-2015-8673 (Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8672 (The presentation transmission permission management mechanism in ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8671
RESERVED
CVE-2015-8670
@@ -5963,49 +5963,49 @@
CVE-2016-0986
RESERVED
CVE-2016-0985 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0984 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0983 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0982 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0981 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0980 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0979 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0978 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0977 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0976 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0975 (Use-after-free vulnerability in the instanceof function in Adobe Flash ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0974 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0973 (Use-after-free vulnerability in the URLRequest object implementation ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0972 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0971 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0970 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0969 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0968 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0967 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0966 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0965 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0964 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0963
RESERVED
CVE-2016-0962
@@ -6017,27 +6017,27 @@
CVE-2016-0959
RESERVED
CVE-2016-0958 (Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0957 (Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0956 (The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe ...)
NOT-FOR-US: Apache Sling
CVE-2016-0955 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0954
RESERVED
CVE-2016-0953 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0952 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0951 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0950 (Adobe Connect before 9.5.2 allows remote attackers to spoof the user ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0949 (Adobe Connect before 9.5.2 allows remote attackers to have an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0948 (Cross-site request forgery (CSRF) vulnerability in Adobe Connect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-0947 (Untrusted search path vulnerability in Adobe Download Manager, as used ...)
NOT-FOR-US: Adobe
CVE-2016-0946 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
@@ -6175,7 +6175,7 @@
NOTE: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3584
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=569010
CVE-2015-8611 (BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and ...)
- TODO: check
+ NOT-FOR-US: BIG-IP
CVE-2015-8613 [scsi: stack based buffer overflow in megasas_ctrl_get_info]
RESERVED
{DSA-3471-1}
@@ -6348,7 +6348,7 @@
- isc-dhcp 4.3.3-7 (bug #810875)
NOTE: https://kb.isc.org/article/AA-01334
CVE-2015-8603 (Cross-site scripting (XSS) vulnerability in Serendipity before 2.0.3 ...)
- TODO: check
+ NOT-FOR-US: Serendipity
CVE-2015-8602 (The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does ...)
NOT-FOR-US: Token Insert Entity module for Drupal
CVE-2015-8601 (The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not ...)
@@ -6360,7 +6360,7 @@
CVE-2015-8598
RESERVED
CVE-2015-8597 (Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 ...)
- TODO: check
+ NOT-FOR-US: Blue Coat
CVE-2015-8596
RESERVED
CVE-2015-8595
@@ -6408,43 +6408,43 @@
CVE-2016-0870
RESERVED
CVE-2016-0869 (Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows ...)
- TODO: check
+ NOT-FOR-US: MICROSYS PROMOTIC
CVE-2016-0868 (Stack-based buffer overflow on Rockwell Automation Allen-Bradley ...)
- TODO: check
+ NOT-FOR-US: MicroLogix
CVE-2016-0867 (CAREL PlantVisorEnhanced allows remote attackers to bypass intended ...)
- TODO: check
+ NOT-FOR-US: CAREL
CVE-2016-0866 (Cross-site scripting (XSS) vulnerability in Tollgrade SmartGrid ...)
- TODO: check
+ NOT-FOR-US: Tollgrade
CVE-2016-0865 (Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software ...)
- TODO: check
+ NOT-FOR-US: Tollgrade
CVE-2016-0864 (Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software ...)
- TODO: check
+ NOT-FOR-US: Tollgrade
CVE-2016-0863 (Cross-site request forgery (CSRF) vulnerability in Tollgrade SmartGrid ...)
- TODO: check
+ NOT-FOR-US: Tollgrade
CVE-2016-0862 (General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter ...)
NOT-FOR-US: General Electric devices
CVE-2016-0861 (General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter ...)
NOT-FOR-US: General Electric devices
CVE-2016-0860 (Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess ...)
- TODO: check
+ NOT-FOR-US: BwpAlarm
CVE-2016-0859 (Integer overflow in the Kernel service in Advantech WebAccess before ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0858 (Race condition in Advantech WebAccess before 8.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0857 (Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0856 (Multiple stack-based buffer overflows in Advantech WebAccess before ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0855 (Directory traversal vulnerability in Advantech WebAccess before 8.1 ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0854 (Unrestricted file upload vulnerability in Advantech WebAccess before ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0853 (Advantech WebAccess before 8.1 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0852 (Advantech WebAccess before 8.1 allows remote attackers to bypass an ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0851 (Advantech WebAccess before 8.1 allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2016-0850
RESERVED
CVE-2016-0849
@@ -7636,17 +7636,17 @@
- mariadb-10.0 <not-affected> (Fixed before the initial release in Debian, 10.0.4)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
CVE-2016-0501 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0500 (Unspecified vulnerability in the Oracle Retail Order Broker Cloud ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0499 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0498 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0497 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0496 (Unspecified vulnerability in the MICROS CWDirect component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0495 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
{DSA-3454-1}
- virtualbox 5.0.14-dfsg-1
@@ -7664,25 +7664,25 @@
NOTE: CVE-2015-4844 was not yet applied. CVE-2016-0494 was introduced as part of
NOTE: the CVE-2015-4844 fix.
CVE-2016-0493 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0492 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0491 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0490 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0489 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0488 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0487 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0486 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0485 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0484 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0483 (Unspecified vulnerability in the Java SE, Java SE Embedded, and ...)
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
@@ -7690,37 +7690,37 @@
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299441#c2
CVE-2016-0482 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0481 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0480 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0479
RESERVED
CVE-2016-0478 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0477 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0476 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0475 (Unspecified vulnerability in the Java SE, Java SE Embedded, and ...)
- openjdk-8 8u72-b15-1
CVE-2016-0474 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0473 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0472 (Unspecified vulnerability in the XDB - XML Database component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0471 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0470 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0469
RESERVED
CVE-2016-0468
RESERVED
CVE-2016-0467 (Unspecified vulnerability in the Security component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0466 (Unspecified vulnerability in the Java SE, Java SE Embedded, and ...)
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
@@ -7728,39 +7728,39 @@
- openjdk-6 <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299385#c4
CVE-2016-0465 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0464 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0463 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0462 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0461 (Unspecified vulnerability in the XDB - XML Database component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0460 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0459 (Unspecified vulnerability in the Oracle Applications Framework ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0458 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0457 (Unspecified vulnerability in the Application Mgmt Pack for E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0456 (Unspecified vulnerability in the Application Mgmt Pack for E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0455 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0454 (Unspecified vulnerability in the Oracle Mobile Application Servlet ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0453 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0452 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0451 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0450 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0449 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0448 (Unspecified vulnerability in the Java SE and Java SE Embedded ...)
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
@@ -7768,95 +7768,95 @@
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299385#c4
CVE-2016-0447 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0446 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0445 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0444 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0443 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0442 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0441 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0440 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0439 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0438 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0437 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0436 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0435 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0434 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0433 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0432 (Unspecified vulnerability in the Oracle Outside In Technology ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0431 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0430 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0429 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0428 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0427 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0426 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0425 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0424 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0423 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0422 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0421 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0420 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0419 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0418 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0417 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0416 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0415 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0414 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0413 (Unspecified vulnerability in the Oracle Identity Federation component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0412 (Unspecified vulnerability in the PeopleSoft Enterprise SCM ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0411 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0410
RESERVED
CVE-2016-0409 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Global ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0408
RESERVED
CVE-2016-0407
RESERVED
CVE-2016-0406 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0405 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0404 (Unspecified vulnerability in the Oracle Identity Federation component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0403 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-0402 (Unspecified vulnerability in the Java SE and Java SE Embedded ...)
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
@@ -7864,7 +7864,7 @@
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298957#c2
CVE-2016-0401 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-8536
RESERVED
CVE-2015-8535
@@ -8205,11 +8205,11 @@
CVE-2016-0246
RESERVED
CVE-2016-0245 (The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0244 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0243 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0242
RESERVED
CVE-2016-0241
@@ -8231,9 +8231,9 @@
CVE-2016-0233
RESERVED
CVE-2016-0232 (IBM Financial Transaction Manager (FTM) for ACH Services, Check ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0231 (IBM Financial Transaction Manager (FTM) for ACH Services, Check ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0230
RESERVED
CVE-2016-0229
@@ -8241,11 +8241,11 @@
CVE-2016-0228
RESERVED
CVE-2016-0227 (Cross-site scripting (XSS) vulnerability in the document-list control ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0226
RESERVED
CVE-2016-0225 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0224
RESERVED
CVE-2016-0223
@@ -8263,21 +8263,21 @@
CVE-2016-0217
RESERVED
CVE-2016-0216 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0215
RESERVED
CVE-2016-0214
RESERVED
CVE-2016-0213 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0212 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0211
RESERVED
CVE-2016-0210
RESERVED
CVE-2016-0209 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0208
RESERVED
CVE-2016-0207
@@ -8293,7 +8293,7 @@
CVE-2016-0202
RESERVED
CVE-2016-0201 (GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-8538 [a out of bound read bug is found in libdwarf]
RESERVED
- dwarfutils <unfixed> (bug #807817)
@@ -8308,7 +8308,7 @@
CVE-2015-8532
RESERVED
CVE-2015-8531 (Cross-site scripting (XSS) vulnerability in IBM Security Access ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-8530
RESERVED
CVE-2015-8529
@@ -8322,7 +8322,7 @@
CVE-2015-8525
RESERVED
CVE-2015-8524 (Cross-site scripting (XSS) vulnerability in Process Portal in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-8523
RESERVED
CVE-2015-8522
@@ -8346,11 +8346,11 @@
CVE-2015-8513
RESERVED
CVE-2015-8512 (The lockscreen feature in Mozilla Firefox OS before 2.5 does not ...)
- TODO: check
+ NOT-FOR-US: Firefox OS
CVE-2015-8511 (Race condition in the lockscreen feature in Mozilla Firefox OS before ...)
- TODO: check
+ NOT-FOR-US: Firefox OS
CVE-2015-8510 (Cross-site scripting (XSS) vulnerability in the internationalization ...)
- TODO: check
+ NOT-FOR-US: Firefox OS
CVE-2015-8509 (Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and ...)
- bugzilla4 <itp> (bug #669643)
CVE-2015-8508 (Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in ...)
@@ -8406,7 +8406,7 @@
CVE-2015-8482 (Blue Coat Unified Agent before 4.6.2 does not prevent modification of ...)
NOT-FOR-US: Blue Coat Unified Agent
CVE-2015-8481 (Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2015-8504 [vnc: avoid floating point exception]
RESERVED
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
@@ -8650,7 +8650,7 @@
CVE-2016-0085
RESERVED
CVE-2016-0084 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0083
RESERVED
CVE-2016-0082
@@ -8658,13 +8658,13 @@
CVE-2016-0081
RESERVED
CVE-2016-0080 (Microsoft Edge mishandles exceptions during window-message dispatch ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0079
RESERVED
CVE-2016-0078
RESERVED
CVE-2016-0077 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0076
RESERVED
CVE-2016-0075
@@ -8674,85 +8674,85 @@
CVE-2016-0073
RESERVED
CVE-2016-0072 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0071 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0070
RESERVED
CVE-2016-0069 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0068 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0067 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0066
RESERVED
CVE-2016-0065
RESERVED
CVE-2016-0064 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0063 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0062 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0061 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0060 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0059 (The Hyperlink Object Library in Microsoft Internet Explorer 9 through ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0058 (Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0057
RESERVED
CVE-2016-0056 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0055 (Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0054 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0053 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0052 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0051 (The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0050 (Network Policy Server (NPS) in Microsoft Windows Server 2008 SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0049 (Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0048 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0047 (WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0046 (Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0045
RESERVED
CVE-2016-0044 (Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0043
RESERVED
CVE-2016-0042 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0041 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0040 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0039 (Cross-site scripting (XSS) vulnerability in SharePoint Server in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0038 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0037 (The forms-based authentication implementation in Active Directory ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0036 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0035 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
NOT-FOR-US: Microsoft
CVE-2016-0034 (Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets ...)
NOT-FOR-US: Microsoft
CVE-2016-0033 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0032 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
NOT-FOR-US: Microsoft
CVE-2016-0031 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
@@ -8774,7 +8774,7 @@
CVE-2016-0023
RESERVED
CVE-2016-0022 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-0021
RESERVED
CVE-2016-0020 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and ...)
@@ -9192,11 +9192,11 @@
- libav <undetermined>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2
CVE-2015-8362 (The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices ...)
- TODO: check
+ NOT-FOR-US: Harman AMX
CVE-2015-8361 (Multiple unspecified services in Atlassian Bamboo before 5.9.9 and ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2015-8360 (An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2015-8359
RESERVED
CVE-2015-8358 (Directory traversal vulnerability in the bitrix.mpbuilder module ...)
@@ -9265,19 +9265,19 @@
NOTE: gets to see the 1000 bytes that user A truncated from its file before
NOTE: it made its file world readable"
CVE-2015-8337 (The HIFI driver in Huawei P8 phones with software GRA-TL00 before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8336
RESERVED
CVE-2015-8335 (Huawei VCN500 with software before V100R002C00SPC201 logs passwords in ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8334
RESERVED
CVE-2015-8333 (The Operation and Maintenance Unit (OMU) in Huawei VCN500 with ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8332
RESERVED
CVE-2015-8331 (The Operation and Maintenance Unit (OMU) in Huawei VCN500 with ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8330 (The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers ...)
NOT-FOR-US: SAP
CVE-2015-8329 (SAP Manufacturing Integration and Intelligence (aka MII, formerly ...)
@@ -9392,13 +9392,13 @@
CVE-2015-8307
RESERVED
CVE-2015-8306 (Buffer overflow in the HIFI driver in Huawei P8 phones with software ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8305
RESERVED
CVE-2015-8304
RESERVED
CVE-2015-8303 (Huawei Document Security Management (DSM) with software before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8302
RESERVED
CVE-2015-8301
@@ -9450,9 +9450,9 @@
CVE-2015-8288
RESERVED
CVE-2015-8287 (Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM ...)
- TODO: check
+ NOT-FOR-US: Swann
CVE-2015-8286 (Zhuhai RaySharp firmware has a hardcoded root password, which makes it ...)
- TODO: check
+ NOT-FOR-US: Zhuhai RaySharp
CVE-2015-8285
RESERVED
CVE-2015-8284
@@ -9462,11 +9462,11 @@
CVE-2015-8282
RESERVED
CVE-2015-8281 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2015-8280 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2015-8279 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2015-8278
RESERVED
CVE-2015-8277 (Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in ...)
@@ -9486,7 +9486,7 @@
CVE-2015-8270
RESERVED
CVE-2015-8269 (The API on Fisher-Price Smart Toy Bear devices allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Fisher-Price
CVE-2015-8268
RESERVED
CVE-2015-8267 (The PasswordReset.Controllers.ResetController.ChangePasswordIndex ...)
@@ -9494,15 +9494,15 @@
CVE-2015-8266
RESERVED
CVE-2015-8265 (Huawei E5186 4G LTE router with software before V200R001B310D01SP00C00 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8264
RESERVED
CVE-2015-8263 (NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source ...)
- TODO: check
+ NOT-FOR-US: NETGEAR
CVE-2015-8262 (Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an ...)
- TODO: check
+ NOT-FOR-US: BUFFALO
CVE-2015-8261 (The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold ...)
- TODO: check
+ NOT-FOR-US: Ipswitch
CVE-2015-8260
RESERVED
CVE-2015-8259
@@ -9516,11 +9516,11 @@
CVE-2015-8255
RESERVED
CVE-2015-8254 (The Frontel protocol before 3 on RSI Video Technologies Videofied ...)
- TODO: check
+ NOT-FOR-US: Frontel
CVE-2015-8253 (The Frontel protocol before 3 on RSI Video Technologies Videofied ...)
- TODO: check
+ NOT-FOR-US: Frontel
CVE-2015-8252 (The Frontel protocol before 3 on RSI Video Technologies Videofied ...)
- TODO: check
+ NOT-FOR-US: Frontel
CVE-2015-8251
RESERVED
CVE-2015-8250
@@ -9575,9 +9575,9 @@
CVE-2015-8232 (The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not ...)
NOT-FOR-US: Drupal theme
CVE-2015-8231 (Huawei eSpace 7910 and 7950 IP phones with software before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8230 (Memory leak in Huawei eSpace 8950 IP phones with software before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8229 (Huawei eSpace U2980 unified gateway with software before V100R001C10 ...)
NOT-FOR-US: Huawai
CVE-2015-8228 (Directory traversal vulnerability in the SFTP server in Huawei AR 120, ...)
@@ -9585,9 +9585,9 @@
CVE-2015-8227 (The built-in web server in Huawei VP9660 multi-point control unit with ...)
NOT-FOR-US: Huawai
CVE-2015-8226 (The Joint Photographic Experts Group Processing Unit (JPU) driver in ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8225 (The Joint Photographic Experts Group Processing Unit (JPU) driver in ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8224
RESERVED
CVE-2015-8223
@@ -9782,13 +9782,13 @@
CVE-2015-8152
RESERVED
CVE-2015-8151 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-8150 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-8149 (The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-8148 (The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-8145
RESERVED
CVE-2015-8144
@@ -9978,7 +9978,7 @@
CVE-2015-8099
RESERVED
CVE-2015-8098 (F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and ...)
- TODO: check
+ NOT-FOR-US: BIG-IP
CVE-2015-8097
RESERVED
CVE-2015-8096 (Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 ...)
@@ -10536,9 +10536,9 @@
NOTE: http://sourceforge.net/p/libpng/bugs/241/
NOTE: http://sourceforge.net/p/libpng/code/ci/fbf0f024346ca0a4ffc64b082a95c6b6bb6d29c4/
CVE-2015-7939 (Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before ...)
- TODO: check
+ NOT-FOR-US: Unitronics
CVE-2015-7938 (Advantech EKI-132x devices with firmware before 2015-12-31 allow ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2015-7937 (Stack-based buffer overflow in the GoAhead Web Server on Schneider ...)
NOT-FOR-US: Schneider Electric
CVE-2015-7936 (Cross-site request forgery (CSRF) vulnerability in Motorola Solutions ...)
@@ -10546,15 +10546,15 @@
CVE-2015-7935 (Motorola Solutions MOSCAD IP Gateway allows remote attackers to read ...)
NOT-FOR-US: Motorola Solutions MOSCAD IP Gateway
CVE-2015-7934 (The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station ...)
- TODO: check
+ NOT-FOR-US: Adcon
CVE-2015-7933
RESERVED
CVE-2015-7932 (Adcon Telemetry A840 Telemetry Gateway Base Station allows remote ...)
- TODO: check
+ NOT-FOR-US: Adcon
CVE-2015-7931 (The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station ...)
- TODO: check
+ NOT-FOR-US: Adcon
CVE-2015-7930 (Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded ...)
- TODO: check
+ NOT-FOR-US: Adcon
CVE-2015-7929 (eWON devices with firmware through 10.1s0 support unspecified GET ...)
NOT-FOR-US: eWON devices
CVE-2015-7928 (eWON devices with firmware before 10.1s0 do not have an off ...)
@@ -10568,7 +10568,7 @@
CVE-2015-7924 (eWON devices with firmware before 10.1s0 do not trigger the discarding ...)
NOT-FOR-US: eWON devices
CVE-2015-7923 (Westermo WeOS before 4.19.0 uses the same SSL private key across ...)
- TODO: check
+ NOT-FOR-US: Westermo
CVE-2015-7922
RESERVED
CVE-2015-7921
@@ -10576,17 +10576,17 @@
CVE-2015-7920
RESERVED
CVE-2015-7919 (SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the ...)
- TODO: check
+ NOT-FOR-US: SearchBlox
CVE-2015-7918 (Multiple buffer overflows in the F1BookView ActiveX control in F1 ...)
NOT-FOR-US: F1BookView
CVE-2015-7917 (Untrusted search path vulnerability in Open Automation OPC Systems.NET ...)
NOT-FOR-US: Open Automation OPC Systems.NET
CVE-2015-7916 (Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 ...)
- TODO: check
+ NOT-FOR-US: Sauter
CVE-2015-7915 (Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext ...)
- TODO: check
+ NOT-FOR-US: Sauter
CVE-2015-7914 (Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Sauter
CVE-2015-7913 (ag_server_service.exe in the AggreGate Server Service in Tibbo ...)
NOT-FOR-US: AggreGate
CVE-2015-7912 (The Ice Faces servlet in ag_server_service.exe in the AggreGate Server ...)
@@ -10596,7 +10596,7 @@
CVE-2015-7910 (Exemys Telemetry Web Server relies on an HTTP Location header to ...)
NOT-FOR-US: Exemys
CVE-2015-7909 (Stack-based buffer overflow in Hospira Communication Engine (CE) ...)
- TODO: check
+ NOT-FOR-US: Hospira
CVE-2015-7908 (Honeywell Midas gas detectors before 1.13b3 and Midas Black gas ...)
NOT-FOR-US: Honeywell Midas gas detectors and Midas Black gas detectors
CVE-2015-7907 (Directory traversal vulnerability in the web server on Honeywell Midas ...)
@@ -10640,7 +10640,7 @@
CVE-2015-7887
RESERVED
CVE-2015-7886 (NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2015-7899 (The com_content component in Joomla! 3.x before 3.4.5 does not ...)
- joomla <itp> (bug #571794)
CVE-2015-7883
@@ -10999,31 +10999,31 @@
CVE-2015-7795 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 ...)
NOT-FOR-US: Cybozu Office
CVE-2015-7794 (Corega CG-WLNCM4G devices provide an open DNS resolver, which allows ...)
- TODO: check
+ NOT-FOR-US: Corega
CVE-2015-7793 (Corega CG-WLBARAGM devices provide an open proxy service, which allows ...)
- TODO: check
+ NOT-FOR-US: Corega
CVE-2015-7792 (Corega CG-WLBARGS devices allow remote attackers to perform ...)
- TODO: check
+ NOT-FOR-US: Corega
CVE-2015-7791 (Multiple SQL injection vulnerabilities in admin.php in the Collne ...)
NOT-FOR-US: Collne Welcart plugin for WordPress
CVE-2015-7790 (Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2015-7789 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2015-7788 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2015-7787 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2015-7786 (Cross-site scripting (XSS) vulnerability in the NTT DATA Smart ...)
- TODO: check
+ NOT-FOR-US: NTT DATA
CVE-2015-7785
RESERVED
CVE-2015-7784 (SQL injection vulnerability in the BOKUBLOCK (1) ...)
- TODO: check
+ NOT-FOR-US: BOKUBLOCK
CVE-2015-7783 (Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before ...)
- TODO: check
+ NOT-FOR-US: p++BBS
CVE-2015-7782 (Cross-site scripting (XSS) vulnerability in Let's PHP! Frame ...)
- TODO: check
+ NOT-FOR-US: Let's PHP!
CVE-2015-7781
RESERVED
CVE-2015-7780
@@ -11049,7 +11049,7 @@
CVE-2015-7770 (Dell SonicWall TotalSecure TZ 100 devices with firmware before ...)
NOT-FOR-US: Dell
CVE-2015-7769 (baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2015-7768 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote ...)
NOT-FOR-US: Konica Minolta
CVE-2015-7767 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote ...)
@@ -11085,7 +11085,7 @@
CVE-2015-7760 (libxpc in launchd in Apple OS X before 10.11 does not restrict the ...)
NOT-FOR-US: Apple
CVE-2015-7759 (BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM ...)
- TODO: check
+ NOT-FOR-US: BIG-IP
CVE-2015-7757
RESERVED
CVE-2015-7756 (The encryption implementation in Juniper ScreenOS 6.2.0r15 through ...)
@@ -11093,7 +11093,7 @@
CVE-2015-7755 (Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, ...)
NOT-FOR-US: Juniper ScreenOS
CVE-2015-7754 (Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2015-7753
RESERVED
CVE-2015-7752 (The SSH server in Juniper Junos OS before 12.1X44-D50, 12.1X46 before ...)
@@ -11200,7 +11200,7 @@
CVE-2015-7707 (Ignite Realtime Openfire 3.10.2 allows remote authenticated users to ...)
NOT-FOR-US: Ignite Realtime Openfire
CVE-2015-7706 (Multiple cross-site scripting (XSS) vulnerabilities in Secure Data ...)
- TODO: check
+ NOT-FOR-US: Secure Data Space
CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attackers to ...)
{DLA-356-1}
- libsndfile 1.0.25-10 (bug #804447)
@@ -11839,7 +11839,7 @@
CVE-2015-7542
RESERVED
CVE-2015-7541 (The initialize method in the Histogram class in ...)
- TODO: check
+ NOT-FOR-US: colorscore gem for Ruby
CVE-2015-7540 (The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 ...)
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
@@ -12024,17 +12024,17 @@
CVE-2015-7493
RESERVED
CVE-2015-7492 (Cross-site scripting (XSS) vulnerability in Reference Data Management ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7491 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7490 (IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7489 (IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7488 (IBM Spectrum Scale 4.1.1.x before 4.1.1.4 and 4.2.x before 4.2.0.1, in ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7487 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7486
RESERVED
CVE-2015-7485
@@ -12064,23 +12064,23 @@
CVE-2015-7473
RESERVED
CVE-2015-7472 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7471
RESERVED
CVE-2015-7470 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7469 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7468 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7467 (Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7466 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7465 (Cross-site request forgery (CSRF) vulnerability in Lifecycle Query ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7464 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7463
RESERVED
CVE-2015-7462
@@ -12094,51 +12094,51 @@
CVE-2015-7458
RESERVED
CVE-2015-7457 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7456 (IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7455 (IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7454
RESERVED
CVE-2015-7453
RESERVED
CVE-2015-7452 (IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7451 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7450 (Serialized-object interfaces in certain IBM analytics, business ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7449
RESERVED
CVE-2015-7448
RESERVED
CVE-2015-7447 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7446
RESERVED
CVE-2015-7445 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7444 (The Update Installer in IBM WebSphere Commerce Enterprise 7.0.0.8 and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7443
RESERVED
CVE-2015-7442 (consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7441 (Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7440
RESERVED
CVE-2015-7439 (Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7438 (IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7437 (Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7436 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7435 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7434
RESERVED
CVE-2015-7433
@@ -12146,19 +12146,19 @@
CVE-2015-7432
RESERVED
CVE-2015-7431 (Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7430 (The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7429 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7428 (Open redirect vulnerability in IBM WebSphere Portal 8.0.x before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7427 (IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, ...)
NOT-FOR-US: IBM
CVE-2015-7426 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7425 (The Data Protection component in the VMware vSphere GUI in IBM Tivoli ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7424
RESERVED
CVE-2015-7423
More information about the Secure-testing-commits
mailing list