[Secure-testing-commits] r32027 - data/CVE

Salvatore Bonaccorso Fri, 06 Feb 2015 07:56:55 -0800

Author: carnil
Date: 2015-02-06 15:55:01 +0000 (Fri, 06 Feb 2015)
New Revision: 32027


Modified:
   data/CVE/list
Log:
Further NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-02-06 15:51:29 UTC (rev 32026)
+++ data/CVE/list       2015-02-06 15:55:01 UTC (rev 32027)
@@ -27,7 +27,7 @@
 CVE-2015-1476 (Multiple SQL injection vulnerabilities in xlinkerz 
ecommerceMajor ...)
        TODO: check
 CVE-2015-1475 (Multiple cross-site scripting (XSS) vulnerabilities in my 
little forum ...)
-       TODO: check
+       NOT-FOR-US: My Little Forum
 CVE-2015-1474
        RESERVED
 CVE-2015-1471
@@ -74,7 +74,7 @@
 CVE-2015-1451 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet 
...)
        NOT-FOR-US: Fortinet FortiOS
 CVE-2015-1450 (SQL injection vulnerability in Restaurant Biller allows remote 
...)
-       TODO: check
+       NOT-FOR-US: Restaurant Biller
 CVE-2015-1449 (Buffer overflow in the integrated web server on Siemens 
Ruggedcom ...)
        NOT-FOR-US: Siemens Ruggedcom
 CVE-2015-1448 (The integrated management service on Siemens Ruggedcom WIN51xx 
devices ...)
@@ -108,7 +108,7 @@
 CVE-2015-1429
        RESERVED
 CVE-2015-1428 (Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 
allow ...)
-       TODO: check
+       NOT-FOR-US: Sefrengo
 CVE-2015-1427
        RESERVED
 CVE-2015-1426
@@ -203,11 +203,11 @@
 CVE-2015-1425
        RESERVED
 CVE-2015-1424 (Cross-site request forgery (CSRF) vulnerability in Gecko CMS 
2.2 and ...)
-       TODO: check
+       NOT-FOR-US: Gecko CMS
 CVE-2015-1423 (Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 
allow ...)
-       TODO: check
+       NOT-FOR-US: Gecko CMS
 CVE-2015-1422 (Multiple cross-site scripting (XSS) vulnerabilities in Gecko 
CMS 2.2 ...)
-       TODO: check
+       NOT-FOR-US: Gecko CMS
 CVE-2015-XXXX [symlink directory traversal]
        - unrar-nonfree (bug #774171)
        [wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
@@ -297,7 +297,7 @@
 CVE-2015-1371 (Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha 
allows ...)
        NOT-FOR-US: ferretCMS
 CVE-2015-1368 (Multiple cross-site scripting (XSS) vulnerabilities in Ansible 
Tower ...)
-       TODO: check
+       NOT-FOR-US: Ansible Tower
 CVE-2015-1367 (SQL injection vulnerability in index.php in CatBot 0.4.2 allows 
remote ...)
        TODO: check
 CVE-2015-1366 (Cross-site scripting (XSS) vulnerability in pixabay-images.php 
in the ...)
@@ -480,7 +480,7 @@
 CVE-2014-9641
        RESERVED
 CVE-2014-9633 (The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: COMODO Backup
 CVE-2014-9632
        RESERVED
 CVE-2015-1386 [directory traversal]
@@ -798,7 +798,7 @@
 CVE-2015-1179 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
        TODO: check
 CVE-2015-1178 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php 
in ...)
-       TODO: check
+       NOT-FOR-US: X-Cart
 CVE-2015-1177
        RESERVED
        NOT-FOR-US: Exponent CMS
@@ -1266,7 +1266,7 @@
 CVE-2014-9600 (Untrusted search path vulnerability in Macroplant iExplorer 
3.6.3.0 ...)
        NOT-FOR-US: Macroplant iExplorer
 CVE-2014-9599 (Cross-site scripting (XSS) vulnerability in the filemanager in 
...)
-       TODO: check
+       NOT-FOR-US: b2evolution
 CVE-2014-9598 (The picture_Release function in misc/picture.c in VideoLAN VLC 
media ...)
        - ffmpeg <not-affected> (Not reproducible with any ffmpeg release 
series)
        [squeeze] - ffmpeg <end-of-life>
@@ -1367,9 +1367,9 @@
 CVE-2015-1045
        RESERVED
 CVE-2015-1044 (vmware-authd (aka the Authorization process) in VMware 
Workstation ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2015-1043 (The Host Guest File System (HGFS) in VMware Workstation 10.x 
before ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2015-1041 (Cross-site scripting (XSS) vulnerability in 
e107_admin/filemanager.php ...)
        NOT-FOR-US: e107
 CVE-2015-1040 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
@@ -1977,13 +1977,13 @@
 CVE-2015-0870 (Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi 
Factory ...)
        NOT-FOR-US: Nishishi Factory
 CVE-2015-0869 (I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause 
a ...)
-       TODO: check
+       NOT-FOR-US: I-O DATA DEVICE NP-BBRM routers
 CVE-2015-0868 (Unrestricted file upload vulnerability in Mrs. Shiromuku Perl 
CGI ...)
        TODO: check
 CVE-2015-0867 (Directory traversal vulnerability in SYNCK GRAPHICA Download 
Log CGI ...)
        NOT-FOR-US: SYNCK GRAPHICA Download Log CGI
 CVE-2015-0866 (Multiple cross-site scripting (XSS) vulnerabilities in Zoho ...)
-       TODO: check
+       NOT-FOR-US: ZOHO ManageEngine SupportCenter Plus
 CVE-2015-0865
        RESERVED
 CVE-2015-0864
@@ -2519,15 +2519,15 @@
 CVE-2015-0600
        RESERVED
 CVE-2015-0599 (The web interface in Cisco Integrated Management Controller in 
Cisco ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2015-0598
        RESERVED
 CVE-2015-0597 (The Forgot Password feature in Cisco WebEx Meetings Server 
1.5(.1.131) ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2015-0596 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx 
...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2015-0595 (The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and 
earlier ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2015-0594
        RESERVED
 CVE-2015-0593
@@ -2545,7 +2545,7 @@
 CVE-2015-0587
        RESERVED
 CVE-2015-0586 (The Network-Based Application Recognition (NBAR) protocol ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2015-0585
        RESERVED
 CVE-2015-0584
@@ -2555,7 +2555,7 @@
 CVE-2015-0582 (The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 
...)
        NOT-FOR-US: Cisco NX-OS
 CVE-2015-0581 (The XML parser in Cisco Prime Service Catalog before 10.1 
allows ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2015-0580
        RESERVED
 CVE-2015-0579 (Cisco TelePresence Video Communication Server (VCS) and Cisco 
...)
@@ -3351,15 +3351,15 @@
        RESERVED
        NOT-FOR-US: EMC Documentum D2
 CVE-2015-0516 (Directory traversal vulnerability in EMC M&amp;R (aka 
Watch4Net) before ...)
-       TODO: check
+       NOT-FOR-US: EMC
 CVE-2015-0515 (Unrestricted file upload vulnerability in EMC M&amp;R (aka 
Watch4Net) ...)
-       TODO: check
+       NOT-FOR-US: EMC
 CVE-2015-0514 (EMC M&amp;R (aka Watch4Net) before 6.5u1 and ViPR SRM before 
3.6.1 might ...)
-       TODO: check
+       NOT-FOR-US: EMC
 CVE-2015-0513 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-       TODO: check
+       NOT-FOR-US: EMC
 CVE-2015-0512 (Open redirect vulnerability in EMC Unisphere Central before 4.0 
allows ...)
-       TODO: check
+       NOT-FOR-US: EMC
 CVE-2015-0511
        RESERVED
 CVE-2015-0510
@@ -3549,7 +3549,7 @@
 CVE-2015-0421 (Unspecified vulnerability in Oracle Java SE 8u25 allows local 
users to ...)
        - openjdk-8 8u40~b22-1
 CVE-2015-0420 (Unspecified vulnerability in the Oracle Forms component in 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2015-0419 (Unspecified vulnerability in the Siebel UI Framework component 
in ...)
        NOT-FOR-US: Oracle
 CVE-2015-0418 (Unspecified vulnerability in the Oracle VM VirtualBox component 
in ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r32027 - data/CVE

Reply via email to