Author: carnil
Date: 2015-08-13 07:09:24 +0000 (Thu, 13 Aug 2015)
New Revision: 36028
Modified:
data/CVE/list
Log:
Process list of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-13 07:09:10 UTC (rev 36027)
+++ data/CVE/list 2015-08-13 07:09:24 UTC (rev 36028)
@@ -1,5 +1,5 @@
CVE-2015-5965 (The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only
checks the ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiOS
CVE-2015-XXXX [crypt XSS]
- request-tracker4 <unfixed>
[wheezy] - request-tracker4 <not-affected> (Vulnerable code not present)
@@ -27,11 +27,11 @@
CVE-2015-5963
RESERVED
CVE-2015-5962 (Integer signedness error in the ...)
- TODO: check
+ NOT-FOR-US: Mozilla Firefox OS
CVE-2015-5961 (The COPPA error page in the Accounts setup dialog in Mozilla
Firefox ...)
- TODO: check
+ NOT-FOR-US: Mozilla Firefox OS
CVE-2015-5960 (Mozilla Firefox OS before 2.2 allows physically proximate
attackers to ...)
- TODO: check
+ NOT-FOR-US: Mozilla Firefox OS
CVE-2015-XXXX [allows access to a connected USB printer via all configured
network addresses]
- ippusbxd <unfixed> (bug #795162)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/08/11/1
@@ -871,7 +871,7 @@
CVE-2015-5619
RESERVED
CVE-2015-5618 (Chiyu BF-630 and BF-630W fingerprint access-control devices
allow ...)
- TODO: check
+ NOT-FOR-US: Chiyu BF-630 and BF-630W fingerprint access-control devices
CVE-2015-5617
RESERVED
CVE-2015-5616
@@ -1075,7 +1075,7 @@
CVE-2015-5538
RESERVED
CVE-2015-5537 (The SSL layer of the HTTPS service in Siemens RuggedCom ROS
before ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2015-XXXX [more to CVE-2014-8146]
- icu <unfixed>
[wheezy] - icu <not-affected> (Vulnerable code not present)
@@ -1522,7 +1522,7 @@
CVE-2015-5370
RESERVED
CVE-2015-5369 (Pulse Connect Secure (aka PCS and formerly Juniper PCS)
PSC6000, ...)
- TODO: check
+ NOT-FOR-US: Pulse Connect Secure / Juniper PCS
CVE-2015-5368
RESERVED
CVE-2015-5367
@@ -1536,21 +1536,21 @@
CVE-2014-9737 (Open redirect vulnerability in the Language Switcher Dropdown
module ...)
NOT-FOR-US: Language Switcher Dropdown module for Drupal
CVE-2014-9736 (GE Healthcare Centricity Clinical Archive Audit Trail
Repository has a ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity Clinical Archive Audit Trail
Repository
CVE-2013-7442 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a
password ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity PACS Workstation
CVE-2012-6695 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a
password ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity PACS Workstation
CVE-2012-6694 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and
Server ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity PACS Workstation
CVE-2012-6693 (GE Healthcare Centricity PACS 4.0 Server has a default password
of (1) ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity PACS
CVE-2011-5324 (The TeraRecon server, as used in GE Healthcare Centricity
PACS-IW ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity PACS-IW
CVE-2011-5323 (GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly
other ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity PACS-IW
CVE-2011-5322 (GE Healthcare Centricity Analytics Server 1.1 has a default
password ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity Analytics Server
CVE-2015-XXXX [Incomplete WPS and P2P NFC NDEF record payload length
validation]
- wpa <unfixed>
- wpasupplicant <removed>
@@ -2262,7 +2262,7 @@
CVE-2015-5085 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before
11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-5084 (The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2015-5083
RESERVED
CVE-2015-5082
@@ -2569,7 +2569,7 @@
CVE-2015-4946
RESERVED
CVE-2015-4945 (Unspecified vulnerability in the IBM Maximo Anywhere
application 7.5.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-4944
RESERVED
CVE-2015-4943
@@ -2587,17 +2587,17 @@
CVE-2015-4937
RESERVED
CVE-2015-4936 (Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6
through ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-4935 (Stack-based buffer overflow in the server in IBM Tivoli Storage
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-4934 (Stack-based buffer overflow in the server in IBM Tivoli Storage
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-4933 (Stack-based buffer overflow in the server in IBM Tivoli Storage
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-4932 (Stack-based buffer overflow in the server in IBM Tivoli Storage
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-4931 (Stack-based buffer overflow in the server in IBM Tivoli Storage
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-4930
RESERVED
CVE-2015-4929
@@ -2913,7 +2913,7 @@
CVE-2015-4774 (Unspecified vulnerability in the Data Store component in Oracle
...)
TODO: check
CVE-2015-4773 (Unspecified vulnerability in the Hyperion Common Security
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Hyperion
CVE-2015-4772 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and
earlier ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
@@ -2923,7 +2923,7 @@
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
CVE-2015-4770 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2
allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-4769 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and
earlier ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
@@ -3228,7 +3228,7 @@
NOTE:
https://github.com/FreeRADIUS/freeradius-server/commit/5e698b407dcac2bc45cf03484bac4398109d25c3
(v2.x.x branch)
NOTE: http://www.ocert.org/advisories/ocert-2015-008.html
CVE-2015-4674 (The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on
Windows ...)
- TODO: check
+ NOT-FOR-US: TimeDoctor Pro
CVE-2015-4673
RESERVED
CVE-2015-4672
@@ -4122,25 +4122,25 @@
CVE-2015-4296
RESERVED
CVE-2015-4295 (The Prime Collaboration Deployment component in Cisco Unified
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4294 (Cross-site scripting (XSS) vulnerability in Cisco IM and
Presence ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4293 (The packet-reassembly implementation in Cisco IOS XE 3.13S and
earlier ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4292 (Cross-site scripting (XSS) vulnerability in the management
interface ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4291 (Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR
1000 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4290 (The kernel extension in Cisco AnyConnect Secure Mobility Client
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4289 (Directory traversal vulnerability in Cisco AnyConnect Secure
Mobility ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4288 (The LDAP implementation on the Cisco Web Security Appliance
(WSA) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4287 (Cisco Firepower Extensible Operating System 1.1(1.86) on
Firepower ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4286 (The web framework in Cisco UCS Central Software 1.3(0.99)
allows ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-4285 (The Local Packet Transport Services (LPTS) implementation in
Cisco IOS ...)
NOT-FOR-US: Cisco
CVE-2015-4284 (The Concurrent Data Management Replication process in Cisco IOS
XR ...)
@@ -5166,15 +5166,15 @@
CVE-2015-3964
RESERVED
CVE-2015-3963 (Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before
6.7.1.1, ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks as used on Schneider Electric devices
CVE-2015-3962
RESERVED
CVE-2015-3961 (The web-server component in MNS before 4.5.6 on Belden
GarrettCom ...)
- TODO: check
+ NOT-FOR-US: Belden GarrettCom switches
CVE-2015-3960 (The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K
and ...)
- TODO: check
+ NOT-FOR-US: Belden GarrettCom switches
CVE-2015-3959 (The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K
and ...)
- TODO: check
+ NOT-FOR-US: Belden GarrrettCom switches
CVE-2015-3958 (Hospira LifeCare PCA Infusion System 5.0 and earlier, and
possibly ...)
NOT-FOR-US: Hospira LifeCare
CVE-2015-3957 (Hospira LifeCare PCA Infusion System before 7.0 stores private
keys ...)
@@ -5208,11 +5208,11 @@
CVE-2015-3943
RESERVED
CVE-2015-3942 (Multiple cross-site scripting (XSS) vulnerabilities in the
web-server ...)
- TODO: check
+ NOT-FOR-US: Belden GarrettCom switches
CVE-2015-3941
RESERVED
CVE-2015-3940 (Untrusted search path vulnerability in Schneider Electric
Wonderware ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2015-3939 (Directory traversal vulnerability in the NC854 and NC856
modules for ...)
NOT-FOR-US: IDS RTU 850C devices
CVE-2015-3938
@@ -6079,7 +6079,7 @@
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
CVE-2015-3626 (Cross-site scripting (XSS) vulnerability in the DHCP Monitor
page the ...)
- TODO: check
+ NOT-FOR-US: Fortinet FortiOS
CVE-2015-3625 (The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346
before ...)
- nvidia-graphics-drivers <undetermined>
NOTE: the text seems to indicate that this is freebsd-specific
(possibly kfreebsd
@@ -8067,19 +8067,19 @@
CVE-2015-2981
RESERVED
CVE-2015-2980 (The Yodobashi application 1.2.1.0 and earlier for Android
allows ...)
- TODO: check
+ NOT-FOR-US: Yodobashi application for Android
CVE-2015-2979 (Webservice-DIC yoyaku_v41 allows remote attackers to execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Webservice-DIC yoyaku_v41
CVE-2015-2978 (Webservice-DIC yoyaku_v41 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: Webservice-DIC yoyaku_v41
CVE-2015-2977 (Webservice-DIC yoyaku_v41 allows remote attackers to create
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Webservice-DIC yoyaku_v41
CVE-2015-2976 (Multiple cross-site scripting (XSS) vulnerabilities in Research
...)
- TODO: check
+ NOT-FOR-US: Research Artisan Lite
CVE-2015-2975 (Research Artisan Lite before 1.18 does not ensure that a user
has ...)
- TODO: check
+ NOT-FOR-US: Research Artisan Lite
CVE-2015-2974 (LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: LEMON-S PHP Gazou BBS
CVE-2015-2973 (Multiple cross-site scripting (XSS) vulnerabilities in the
Welcart ...)
NOT-FOR-US: Welcart plugin for WordPress
CVE-2015-2972 (Multiple SQL injection vulnerabilities in Sysphonic Thetis
before ...)
@@ -8264,7 +8264,7 @@
CVE-2015-2898
RESERVED
CVE-2015-2897 (Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS
devices ...)
- TODO: check
+ NOT-FOR-US: Sierra Wireless ALEOS
CVE-2015-2896
RESERVED
CVE-2015-2895
@@ -8278,7 +8278,7 @@
CVE-2015-2891
RESERVED
CVE-2015-2890 (The BIOS implementation on Dell Latitude, OptiPlex, Precision
Mobile ...)
- TODO: check
+ NOT-FOR-US: BIOS implementations on Dell hardware with model-dependent
firmware
CVE-2015-2889
RESERVED
CVE-2015-2888
@@ -8321,9 +8321,9 @@
CVE-2015-2872
RESERVED
CVE-2015-2871 (Chiyu BF-660C fingerprint access-control devices allow remote
...)
- TODO: check
+ NOT-FOR-US: Chiyu BF-660C fingerprint access-control devices
CVE-2015-2870 (Cross-site scripting (XSS) vulnerability on Chiyu BF-630,
BF-630W, and ...)
- TODO: check
+ NOT-FOR-US: Chiyu fingerprint access-control devices
CVE-2015-2869 (The FileInfo plugin before 2.22 for Ghisler Total Commander
allows ...)
NOT-FOR-US: Ghisler Total Commander
CVE-2015-2868
@@ -8367,9 +8367,9 @@
CVE-2015-2849 (SQL injection vulnerability in main.ant in the ANTlabs InnGate
...)
NOT-FOR-US: ANTlabs
CVE-2015-2848 (Cross-site request forgery (CSRF) vulnerability in Honeywell
Tuxedo ...)
- TODO: check
+ NOT-FOR-US: Honeywell Tuxedo Touch
CVE-2015-2847 (Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side
...)
- TODO: check
+ NOT-FOR-US: Honeywell Tuxedo Touch
CVE-2015-2846 (BitTorrent Sync allows remote attackers to execute arbitrary
commands ...)
- btsync <itp> (bug #706639)
CVE-2015-2845 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE
before ...)
@@ -8777,9 +8777,9 @@
NOTE: CVE about "ssl: ... added padding check for TLS-1.0 due to the
Poodle vulnerability."
NOTE:
https://github.com/erlang/otp/commit/e53c55dd0ab69982bc511396ccf8655d27c6d38c
CVE-2015-2745 (Multiple cross-site scripting (XSS) vulnerabilities in the
Search app ...)
- TODO: check
+ NOT-FOR-US: Mozilla Firefox OS
CVE-2015-2744 (Cross-site scripting (XSS) vulnerability in the Search app in
Gaia in ...)
- TODO: check
+ NOT-FOR-US: Mozilla Firefox OS
CVE-2015-2743 (PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x
before 31.8 ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
@@ -9277,7 +9277,7 @@
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
CVE-2015-2616 (Unspecified vulnerability in Oracle Sun Solaris 3.3 and 4.2
allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-2615 (Unspecified vulnerability in the Oracle Applications Framework
...)
NOT-FOR-US: Oracle E-Business
CVE-2015-2614 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
@@ -9377,7 +9377,7 @@
CVE-2015-2581 (Unspecified vulnerability in the Oracle Secure Global Desktop
...)
NOT-FOR-US: Oracle Virtualization
CVE-2015-2580 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2
allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-2579 (Unspecified vulnerability in the Oracle Health Sciences Argus
Safety ...)
NOT-FOR-US: Oracle
CVE-2015-2578 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
remote ...)
@@ -10031,7 +10031,7 @@
CVE-2015-2324
RESERVED
CVE-2015-2323 (FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports
anonymous, ...)
- TODO: check
+ NOT-FOR-US: FortiOS
CVE-2015-2322
RESERVED
CVE-2015-2321
@@ -11125,7 +11125,7 @@
CVE-2015-1988
RESERVED
CVE-2015-1987 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a
denial ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1986 (The server in IBM Tivoli Storage Manager FastBack 6.1 before
6.1.12 ...)
NOT-FOR-US: IBM
CVE-2015-1985
@@ -11159,7 +11159,7 @@
CVE-2015-1971
RESERVED
CVE-2015-1970 (The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3
and 2.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1969
RESERVED
CVE-2015-1968 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere
Master Data ...)
@@ -11183,13 +11183,13 @@
CVE-2015-1959 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1
before ...)
NOT-FOR-US: IBM
CVE-2015-1958 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a
denial ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1957
RESERVED
CVE-2015-1956 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a
denial ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1955 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a
denial ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1954 (Stack-based buffer overflow in the server in IBM Tivoli Storage
...)
NOT-FOR-US: IBM
CVE-2015-1953 (Stack-based buffer overflow in the server in IBM Tivoli Storage
...)
@@ -11292,7 +11292,7 @@
CVE-2015-1905 (The REST API in IBM Business Process Manager (BPM) 7.5.x
through ...)
NOT-FOR-US: IBM BPM
CVE-2015-1904 (IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3, 8.5.0
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1903 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6
IF7 and ...)
NOT-FOR-US: IBM
CVE-2015-1902 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6
IF7 and ...)
@@ -12484,19 +12484,19 @@
CVE-2015-1494 (The FancyBox for WordPress plugin before 3.0.3 for WordPress
does not ...)
NOT-FOR-US: FancyBox plugin for WordPress
CVE-2015-1492 (Untrusted search path vulnerability in the client in Symantec
Endpoint ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-1491 (SQL injection vulnerability in the management console in
Symantec ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-1490 (Directory traversal vulnerability in the management console in
...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-1489 (The management console in Symantec Endpoint Protection Manager
(SEPM) ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-1488 (An unspecified action handler in the management console in
Symantec ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-1487 (The management console in Symantec Endpoint Protection Manager
(SEPM) ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-1486 (The management console in Symantec Endpoint Protection Manager
(SEPM) ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-1485 (Cross-site request forgery (CSRF) vulnerability in the
administration ...)
NOT-FOR-US: Enforce Server in Symantec Data Loss Prevention
CVE-2015-1484 (Unquoted Windows search path vulnerability in the agent in
Symantec ...)
@@ -14516,7 +14516,7 @@
CVE-2015-1010 (Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier
does ...)
NOT-FOR-US: Rockwell Automation RSView32
CVE-2015-1009 (Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5
and ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2015-1008 (SQL injection vulnerability in Emerson AMS Device Manager
before 13 ...)
NOT-FOR-US: Emerson AMS Device Manager
CVE-2015-1007
@@ -15511,7 +15511,7 @@
CVE-2015-0733 (CRLF injection vulnerability in the HTTP Header Handler in
Digital ...)
NOT-FOR-US: Cisco
CVE-2015-0732 (Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on
the Web ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-0731 (The ISDN implementation in Cisco IOS 15.3S allows remote
attackers to ...)
NOT-FOR-US: Cisco
CVE-2015-0730 (The SMB module in Cisco Wide Area Application Services (WAAS)
6.0(1) ...)
@@ -23769,9 +23769,9 @@
CVE-2014-7234
REJECTED
CVE-2014-7233 (GE Healthcare Precision THUNIS-800+ has a default password of
(1) 1973 ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Precision THUNIS-800+
CVE-2014-7232 (GE Healthcare Discovery XR656 and XR656 G2 has a password of
(1) ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Discovery XR656 and XR656 G2
CVE-2014-7229 (Unspecified vulnerability in Joomla! before 2.5.4 before
2.5.26, 3.x ...)
NOT-FOR-US: Joomla
CVE-2014-7228 (Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through
2.5.25, ...)
@@ -23841,9 +23841,9 @@
[squeeze] - apt <not-affected> (apt changelog command and vulnerable
code not present)
NOTE: mitigated by Linux kernel features in wheezy and up
CVE-2013-7405 (The Ad Hoc Reporting feature in GE Healthcare Centricity DMS
4.2 has a ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity DMS
CVE-2013-7404 (GE Healthcare Discovery NM 750b has a password of 2getin for
the ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Discovery NM 750b
CVE-2012-6662 (Cross-site scripting (XSS) vulnerability in the default content
option ...)
- jqueryui 1.10.1+dfsg-1
[wheezy] - jqueryui <not-affected> (ui.tooltip not yet present)
@@ -23855,29 +23855,29 @@
- zope2.13 <not-affected> (Fixed before initial upload in upstream
version 2.13.19)
NOTE: CVE SPLIT from CVE-2012-5508
CVE-2012-6660 (GE Healthcare Precision MPi has a password of (1) orion for the
...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Precision MPi
CVE-2011-5374
RESERVED
CVE-2010-5310 (The Acquisition Workstation for the GE Healthcare Revolution
XQ/i has ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Revolution XQ/i
CVE-2010-5309 (GE Healthcare CADStream Server has a default password of
confirma for ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare CADStream Server
CVE-2010-5308 (GE Healthcare Optima MR360 does not require authentication for
the ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Optima MR360
CVE-2010-5307 (The HIPAA configuration interface in GE Healthcare Optima MR360
has a ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Optima MR360
CVE-2010-5306 (GE Healthcare Optima CT680, CT540, CT640, and CT520 has a
default ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Optima
CVE-2009-5143 (GE Healthcare Discovery 530C has a password of #bigguy1 for the
(1) ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Discovery 530C
CVE-2007-6757 (GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password
of ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity DMS
CVE-2006-7253 (GE Healthcare Infinia II has a default password of (1) infinia
for the ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Infinia II
CVE-2004-2777 (GE Healthcare Centricity Image Vault 3.x has a password of (1)
gemnet ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Centricity Image Vault
CVE-2003-1603 (GE Healthcare Discovery VH has a default password of (1)
interfile for ...)
- TODO: check
+ NOT-FOR-US: GE Healthcare Discovery VH
CVE-2002-2445 (GE Healthcare Millennium MG, NC, and MyoSIGHT has a default
password ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-1594 (GE Healthcare eNTEGRA P&R has a password of (1) entegra for
the ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
