Author: jmm
Date: 2017-02-16 23:37:52 +0000 (Thu, 16 Feb 2017)
New Revision: 49016
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-16 22:04:04 UTC (rev 49015)
+++ data/CVE/list 2017-02-16 23:37:52 UTC (rev 49016)
@@ -34976,21 +34976,21 @@
CVE-2016-3597 (Unspecified vulnerability in the Oracle VM VirtualBox component
in ...)
TODO: check
CVE-2016-3596 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3595 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3594 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3593 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3592 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3591 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3590 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3589 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3588 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier
allows ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
@@ -34998,73 +34998,74 @@
CVE-2016-3587 (Unspecified vulnerability in Oracle Java SE 8u92 and Java SE
Embedded ...)
- openjdk-8 8u102-b14-1
CVE-2016-3586 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3585 (Unspecified vulnerability in the ILOM component in Oracle Sun
Systems ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3584 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows
local ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3583 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3582 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3581 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3580 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3579 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3578 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3577 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3576 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3575 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3574 (Unspecified vulnerability in the Outside In Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3573 (Unspecified vulnerability in the Primavera P6 Enterprise
Project ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3572 (Unspecified vulnerability in the Primavera P6 Enterprise
Project ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3571 (Unspecified vulnerability in the Primavera P6 Enterprise
Project ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3570 (Unspecified vulnerability in the Primavera P6 Enterprise
Project ...)
- TODO: check
+ NOT-FOR-US: Oracle
+ NOT-FOR-US: Oracle
CVE-2016-3569 (Unspecified vulnerability in the Primavera P6 Enterprise
Project ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3568 (Unspecified vulnerability in the Primavera P6 Enterprise
Project ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3567 (Unspecified vulnerability in the Primavera P6 Enterprise
Project ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3566 (Unspecified vulnerability in the Primavera P6 Enterprise
Project ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3565 (Unspecified vulnerability in the Oracle Retail Order Broker
component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3564 (Unspecified vulnerability in the Oracle TopLink component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3563 (Unspecified vulnerability in the Enterprise Manager Base
Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3562 (Unspecified vulnerability in the RDBMS Security and SQL*Plus
...)
NOT-FOR-US: Oracle
CVE-2016-3561 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3560 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3559 (Unspecified vulnerability in the Oracle Email Center component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3558 (Unspecified vulnerability in the Oracle Email Center component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3557 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3556 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3555 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3554 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3553 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3552 (Unspecified vulnerability in Oracle Java SE 8u92 allows local
users to ...)
- openjdk-8 <not-affected> (Installation component of Oracle Java
doesn't apply to IcedTea/OpenJDK)
CVE-2016-3551 (Unspecified vulnerability in the Oracle Web Services component
in ...)
@@ -35077,61 +35078,61 @@
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
CVE-2016-3549 (Unspecified vulnerability in the Oracle E-Business Suite Secure
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3548 (Unspecified vulnerability in the Oracle Marketing component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3547 (Unspecified vulnerability in the Oracle One-to-One Fulfillment
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3546 (Unspecified vulnerability in the Oracle Advanced Collections
component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3545 (Unspecified vulnerability in the Oracle Application Object
Library ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3544 (Unspecified vulnerability in the Oracle Business Intelligence
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3543 (Unspecified vulnerability in the Oracle Common Applications
Calendar ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3542 (Unspecified vulnerability in the Oracle Knowledge Management
component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3541 (Unspecified vulnerability in the Oracle Common Applications
Calendar ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3540 (Unspecified vulnerability in the Enterprise Manager Base
Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3539 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3538 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3537 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3536 (Unspecified vulnerability in the Oracle Marketing component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3535 (Unspecified vulnerability in the Oracle CRM Technical
Foundation ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3534 (Unspecified vulnerability in the Oracle Installed Base
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3533 (Unspecified vulnerability in the Oracle Knowledge Management
component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3532 (Unspecified vulnerability in the Oracle Advanced Inbound
Telephony ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3531 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3530 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3529 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3528 (Unspecified vulnerability in the Oracle Internet Expenses
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3527 (Unspecified vulnerability in the Oracle Demand Planning
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3526 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3525 (Unspecified vulnerability in the Oracle Applications Manager
component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3524 (Unspecified vulnerability in the Oracle Applications Technology
Stack ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3523 (Unspecified vulnerability in the Oracle Web Applications
Desktop ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3522 (Unspecified vulnerability in the Oracle Web Applications
Desktop ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3521 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier,
5.6.30 ...)
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
@@ -35139,33 +35140,33 @@
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-3520 (Unspecified vulnerability in the Oracle Application Object
Library ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3519 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3518 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier
allows ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-3517 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3516 (Unspecified vulnerability in the Oracle Enterprise
Communications ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3515 (Unspecified vulnerability in the Oracle Enterprise
Communications ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3514 (Unspecified vulnerability in the Oracle Enterprise
Communications ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3513 (Unspecified vulnerability in the Oracle Communications
Operations ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3512 (Unspecified vulnerability in the Oracle Customer Interaction
History ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3511 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92
allows ...)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
CVE-2016-3510 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3509 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3508 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and
8u92; ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
@@ -35174,19 +35175,19 @@
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
CVE-2016-3507 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3506 (Unspecified vulnerability in the JDBC component in Oracle
Database ...)
NOT-FOR-US: Oracle Database
CVE-2016-3505 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
NOT-FOR-US: Oracle
CVE-2016-3504 (Unspecified vulnerability in the Oracle JDeveloper component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3503 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and
8u92 ...)
- openjdk-8 <not-affected> (Installation component of Oracle Java
doesn't apply to IcedTea/OpenJDK)
- openjdk-7 <not-affected> (Installation component of Oracle Java
doesn't apply to IcedTea/OpenJDK)
- openjdk-6 <not-affected> (Installation component of Oracle Java
doesn't apply to IcedTea/OpenJDK)
CVE-2016-3502 (Unspecified vulnerability in the Oracle WebCenter Sites
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3501 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier
and ...)
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
@@ -35199,21 +35200,21 @@
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
CVE-2016-3499 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3498 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92
allows ...)
- openjfx 8u102-b14-1 (bug #832419)
CVE-2016-3497 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows
local ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3496 (Unspecified vulnerability in the Enterprise Manager for Fusion
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3495 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier
allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2016-3494 (Unspecified vulnerability in the Enterprise Manager Ops Center
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3493 (Unspecified vulnerability in the Hyperion Financial Reporting
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3492 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier,
5.6.32 ...)
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
@@ -35224,15 +35225,15 @@
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
CVE-2016-3491 (Unspecified vulnerability in the Oracle CRM Technical
Foundation ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3490 (Unspecified vulnerability in the Oracle Transportation
Management ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3489 (Unspecified vulnerability in the Data Pump Import component in
Oracle ...)
NOT-FOR-US: Oracle Database
CVE-2016-3488 (Unspecified vulnerability in the DB Sharding component in
Oracle ...)
NOT-FOR-US: Oracle Database
CVE-2016-3487 (Unspecified vulnerability in the Oracle WebCenter Sites
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3486 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier
and ...)
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
@@ -35244,17 +35245,17 @@
CVE-2016-3484 (Unspecified vulnerability in the Database Vault component in
Oracle ...)
NOT-FOR-US: Oracle Database
CVE-2016-3483 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3482 (Unspecified vulnerability in the Oracle HTTP Server component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3481 (Unspecified vulnerability in the ILOM component in Oracle Sun
Systems ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3480 (Unspecified vulnerability in the Solaris Cluster component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3479 (Unspecified vulnerability in the Portable Clusterware component
in ...)
NOT-FOR-US: Oracle Database
CVE-2016-3478 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3477 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier,
5.6.30 ...)
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
@@ -35262,11 +35263,11 @@
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-3476 (Unspecified vulnerability in the Oracle Knowledge component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3475 (Unspecified vulnerability in the Oracle Knowledge component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3474 (Unspecified vulnerability in the BI Publisher (formerly XML
Publisher) ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3473 (Unspecified vulnerability in the BI Publisher (formerly XML
Publisher) ...)
NOT-FOR-US: Oracle
CVE-2016-3472 (Unspecified vulnerability in the Siebel Engineering - Installer
and ...)
@@ -35280,11 +35281,11 @@
[wheezy] - mysql-5.5 5.5.46-0+deb7u1
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-3470 (Unspecified vulnerability in the Oracle Transportation
Management ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3469 (Unspecified vulnerability in the Siebel Core - Server Framework
...)
NOT-FOR-US: Oracle Siebel CRM
CVE-2016-3468 (Unspecified vulnerability in the Oracle Agile Engineering Data
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3467 (Unspecified vulnerability in the Application Express component
in ...)
NOT-FOR-US: Oracle Database
CVE-2016-3466 (Unspecified vulnerability in the Oracle Field Service component
in ...)
@@ -35323,7 +35324,7 @@
CVE-2016-3454 (Unspecified vulnerability in the Java VM component in Oracle
Database ...)
NOT-FOR-US: Oracle
CVE-2016-3453 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local
users ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3452 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier,
5.6.29 ...)
- mariadb-10.0 10.0.25-1
[jessie] - mariadb-10.0 10.0.25-0+deb8u1
@@ -35333,7 +35334,7 @@
[wheezy] - mysql-5.5 5.5.49-0+deb7u1
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-3451 (Unspecified vulnerability in the ILOM component in Oracle Sun
Systems ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3450 (Unspecified vulnerability in the Siebel Core - Server Framework
...)
NOT-FOR-US: Oracle Siebel CRM
CVE-2016-3449 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and
8u77 ...)
@@ -35345,11 +35346,11 @@
CVE-2016-3447 (Unspecified vulnerability in the Oracle Applications Framework
...)
NOT-FOR-US: Oracle
CVE-2016-3446 (Unspecified vulnerability in the Oracle Business Intelligence
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3445 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3444 (Unspecified vulnerability in the Oracle Retail Integration Bus
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3443 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and
8u77 ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in
IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in
IcedTea)
@@ -35375,9 +35376,9 @@
CVE-2016-3434 (Unspecified vulnerability in the Oracle Application Object
Library ...)
NOT-FOR-US: Oracle
CVE-2016-3433 (Unspecified vulnerability in the Oracle Business Intelligence
...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3432 (Unspecified vulnerability in the BI Publisher (formerly XML
Publisher) ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3431 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
NOT-FOR-US: Oracle
CVE-2016-3430
@@ -35427,36 +35428,36 @@
CVE-2016-3416 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
NOT-FOR-US: Oracle
CVE-2016-3415 (Zimbra Collaboration before 8.7.0 allows remote attackers to
conduct ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3414 (Unspecified vulnerability in Zimbra Collaboration before 8.6.0
Patch 7 ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3413 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0
allows ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3412 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra
...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3411 (Cross-site scripting (XSS) vulnerability in Zimbra
Collaboration ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3410 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra
...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3409 (Cross-site scripting (XSS) vulnerability in Zimbra
Collaboration ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3408 (Cross-site scripting (XSS) vulnerability in Zimbra
Collaboration ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3407 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra
...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3406 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Zimbra ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3405 (Multiple unspecified vulnerabilities in Zimbra Collaboration
before ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3404 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0
allows ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3403
RESERVED
NOT-FOR-US: Zimbra
CVE-2016-3402 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0
allows ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3401 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0
allows ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2016-3400
RESERVED
CVE-2016-3399
@@ -35468,13 +35469,13 @@
CVE-2016-3397
RESERVED
CVE-2016-3396 (Graphics Device Interface (aka GDI or GDI+) in Microsoft
Windows Vista ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3395
RESERVED
CVE-2016-3394
RESERVED
CVE-2016-3393 (Graphics Device Interface (aka GDI or GDI+) in Microsoft
Windows Vista ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3392 (The Edge Content Security Policy feature in Microsoft Edge does
not ...)
NOT-FOR-US: Microsoft
CVE-2016-3391 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow
...)
@@ -35510,9 +35511,9 @@
CVE-2016-3376 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows
Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3375 (The OLE Automation mechanism and VBScript scripting engine in
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3374 (The PDF library in Microsoft Edge, Windows 8.1, Windows Server
2012 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3373 (The kernel API in Microsoft Windows Vista SP2, Windows Server
2008 SP2 ...)
NOT-FOR-US: Microsoft
CVE-2016-3372 (The kernel API in Microsoft Windows Vista SP2 and Windows
Server 2008 ...)
@@ -35520,7 +35521,7 @@
CVE-2016-3371 (The kernel API in Microsoft Windows Vista SP2, Windows Server
2008 SP2 ...)
NOT-FOR-US: Microsoft
CVE-2016-3370 (The PDF library in Microsoft Edge, Windows 8.1, Windows Server
2012 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3369 (Microsoft Windows 10 Gold and 1511 allows attackers to cause a
denial ...)
NOT-FOR-US: Microsoft
CVE-2016-3368 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2
SP1, ...)
@@ -35548,11 +35549,11 @@
CVE-2016-3357 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1,
Office ...)
NOT-FOR-US: Microsoft
CVE-2016-3356 (The Graphics Device Interface (GDI) in Microsoft Windows 10
1607 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3355 (The Graphics Device Interface (GDI) in Microsoft Windows Vista
SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3354 (The Graphics Device Interface (GDI) in Microsoft Windows Vista
SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3353 (Microsoft Internet Explorer 9 through 11 mishandles .url files
from ...)
NOT-FOR-US: Microsoft
CVE-2016-3352 (Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold,
1511, and ...)
@@ -35622,7 +35623,7 @@
CVE-2016-3320 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows
RT ...)
NOT-FOR-US: Microsoft
CVE-2016-3319 (The PDF library in Microsoft Windows 8.1, Windows Server 2012
Gold and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3318 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1
allow ...)
NOT-FOR-US: Microsoft
CVE-2016-3317 (Microsoft Office 2010 SP2, Word 2007 SP3, Word 2010 SP2, Word
for Mac ...)
@@ -35636,7 +35637,7 @@
CVE-2016-3313 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and
2016, ...)
NOT-FOR-US: Microsoft
CVE-2016-3312 (ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3311 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows
Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3310 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows
Server ...)
@@ -35735,7 +35736,6 @@
NOT-FOR-US: Microsoft
CVE-2016-3263 (Graphics Device Interface (aka GDI or GDI+) in Microsoft
Windows Vista ...)
NOT-FOR-US: Microsoft
- TODO: check
CVE-2016-3262 (Graphics Device Interface (aka GDI or GDI+) in Microsoft
Windows Vista ...)
NOT-FOR-US: Microsoft
CVE-2016-3261 (Microsoft Internet Explorer 11 allows remote attackers to
obtain ...)
@@ -35807,7 +35807,7 @@
CVE-2016-3228 (Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server
2012 ...)
NOT-FOR-US: Microsoft
CVE-2016-3227 (Use-after-free vulnerability in the DNS Server component in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3226 (Active Directory in Microsoft Windows Server 2008 R2 SP1 and
Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3225 (The SMB server component in Microsoft Windows Vista SP2,
Windows ...)
@@ -35821,7 +35821,7 @@
CVE-2016-3221 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows
Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3220 (atmfd.dll in the Adobe Type Manager Font Driver in Microsoft
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3219 (The kernel-mode driver in Microsoft Windows 10 Gold and 1511
allows ...)
NOT-FOR-US: Microsoft
CVE-2016-3218 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows
Server ...)
@@ -35829,31 +35829,31 @@
CVE-2016-3217
RESERVED
CVE-2016-3216 (GDI32.dll in the Graphics component in Microsoft Windows Vista
SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3215 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows
10 ...)
NOT-FOR-US: Microsoft
CVE-2016-3214 (The Chakra JavaScript engine in Microsoft Edge allows remote
attackers ...)
NOT-FOR-US: Microsoft
CVE-2016-3213 (The Web Proxy Auto Discovery (WPAD) protocol implementation in
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3212 (The XSS Filter in Microsoft Internet Explorer 9 through 11 does
not ...)
NOT-FOR-US: Microsoft
CVE-2016-3211 (Microsoft Internet Explorer 9 through 11 allows remote
attackers to ...)
NOT-FOR-US: Microsoft
CVE-2016-3210 (The Microsoft (1) JScript and (2) VBScript engines, as used in
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3209 (Graphics Device Interface (aka GDI or GDI+) in Microsoft
Windows Vista ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3208
RESERVED
CVE-2016-3207 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8
engines, as ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3206 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8
engines, as ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3205 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8
engines, as ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3204 (The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and
5.8 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2016-3203 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows
10 ...)
NOT-FOR-US: Microsoft
CVE-2016-3202 (The Microsoft (1) Chakra JavaScript, (2) JScript, and (3)
VBScript ...)
@@ -36312,9 +36312,9 @@
CVE-2016-3061
RESERVED
CVE-2016-3060 (Payments Director in IBM Financial Transaction Manager (FTM)
for ACH ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3059 (IBM Tivoli Storage Manager for Databases: Data Protection for
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3058
RESERVED
CVE-2016-3057 (Cross-site scripting (XSS) vulnerability in IBM Sterling B2B
...)
@@ -36349,15 +36349,15 @@
NOTE: http://www.securityfocus.com/bid/92123/info
NOTE: This issue might be a PowerKVM "rebrand" of CVE-2016-5412.
CVE-2016-3043 (IBM Security Access Manager for Web could allow a remote
attacker to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3042 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3041
RESERVED
CVE-2016-3040 (IBM WebSphere Application Server (WAS) Liberty, as used in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3039 (IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3038
RESERVED
CVE-2016-3037
@@ -36385,79 +36385,79 @@
CVE-2016-3026
RESERVED
CVE-2016-3025 (IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3
and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3024 (IBM Security Access Manager for Web allows web pages to be
stored ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3023 (IBM Security Access Manager for Web could allow an
unauthenticated ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3022 (IBM Security Access Manager for Web could allow an
authenticated user ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3021 (IBM Security Access Manager for Web could allow an
authenticated ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3020 (IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0
could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3019
RESERVED
CVE-2016-3018 (IBM Security Access Manager for Web is vulnerable to cross-site
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3017 (IBM Security Access Manager for Web could allow a remote
attacker to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3016 (IBM Security Access Manager for Web processes patches, image
backups ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3015
RESERVED
CVE-2016-3014 (Cross-site scripting (XSS) vulnerability in IBM Rational
Collaborative ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3013
RESERVED
CVE-2016-3012 (IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before
2.2.8 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3011
RESERVED
CVE-2016-3010 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3009 (Cross-site request forgery (CSRF) vulnerability in IBM
Connections 4.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3008 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3007 (Cross-site request forgery (CSRF) vulnerability in IBM
Connections 4.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3006 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3005 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3004 (Cross-site request forgery (CSRF) vulnerability in IBM
Connections 4.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3003 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3002 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0
before CR4 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3001 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-3000 (The help service in IBM Connections 4.x through 4.5 CR5, 5.0
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2999 (IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2998 (Cross-site request forgery (CSRF) vulnerability in IBM
Connections 4.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2997 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2996 (IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8,
when ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2995 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2994 (Cross-site scripting (XSS) vulnerability in IBM UrbanCode
Deploy 6.2.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2993
RESERVED
CVE-2016-2992 (IBM Infosphere BigInsights is vulnerable to cross-site
scripting. This ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2991 (Multiple cross-site scripting (XSS) vulnerabilities in IBM
Lotus ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2990
RESERVED
CVE-2016-2989 (Open redirect vulnerability in the Connections Portlets
component 5.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2988 (IBM Tivoli Storage Manger for Virtual Environments: Data
Protection ...)
NOT-FOR-US: IBM
CVE-2016-2987 (An undisclosed vulnerability in CLM applications may result in
some ...)
@@ -36499,7 +36499,7 @@
CVE-2016-2969
RESERVED
CVE-2016-2968 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.7
allows ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2967
RESERVED
CVE-2016-2966
@@ -36509,87 +36509,87 @@
CVE-2016-2964
RESERVED
CVE-2016-2963 (Cross-site request forgery (CSRF) vulnerability in IBM BigFix
Remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2962
RESERVED
CVE-2016-2961 (The integration server in IBM Integration Bus 9 before 9.0.0.6
and 10 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2960 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43,
8.0.0.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2959
RESERVED
CVE-2016-2958 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0
before CR4 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2957 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0
before CR4 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2956 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2955 (Cross-site scripting (XSS) vulnerability in IBM Connections 5.0
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2954 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2953 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0
before CR4 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2952 (IBM BigFix Remote Control before 9.1.3 does not enable the HSTS
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2951 (IBM BigFix Remote Control before 9.1.3 does not properly set
the ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2950 (SQL injection vulnerability in IBM BigFix Remote Control before
9.1.3 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2949 (IBM BigFix Remote Control before 9.1.3 allows local users to
obtain ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2948 (IBM BigFix Remote Control before 9.1.3 allows local users to
discover ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2947 (IBM Rational Collaborative Lifecycle Management 4.0 before
4.0.7 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2946 (Stack-based buffer overflow in the ax Shared Libraries in the
Agent in ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2945 (The API Discovery implementation in IBM WebSphere Application
Server ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2944 (IBM BigFix Remote Control before 9.1.3 does not properly
restrict ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2943 (IBM BigFix Remote Control before 9.1.3 allows local users to
obtain ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2942 (IBM UrbanCode Deploy could allow an authenticated attacker with
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2941 (IBM UrbanCode Deploy creates temporary files during step
execution ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2940 (Multiple unspecified vulnerabilities in IBM BigFix Remote
Control ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2939 (IBM iNotes is vulnerable to cross-site scripting. This
vulnerability ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2938 (IBM iNotes is vulnerable to cross-site scripting. This
vulnerability ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2937 (IBM BigFix Remote Control before 9.1.3 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2936 (IBM BigFix Remote Control before 9.1.3 uses cleartext storage
for ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2935 (The broker application in IBM BigFix Remote Control before
9.1.3 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2934 (Cross-site scripting (XSS) vulnerability in IBM BigFix Remote
Control ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2933 (Directory traversal vulnerability in IBM BigFix Remote Control
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2932 (IBM BigFix Remote Control before 9.1.3 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2931 (IBM BigFix Remote Control before 9.1.3 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2930
RESERVED
CVE-2016-2929 (IBM BigFix Remote Control before 9.1.3 does not properly
restrict ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2928 (IBM BigFix Remote Control before 9.1.3 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2927 (IBM BigFix Remote Control before 9.1.3 does not properly
restrict the ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2926 (Cross-site scripting (XSS) vulnerability in IBM Rational
Collaborative ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2925 (Cross-site scripting (XSS) vulnerability in IBM WebSphere
Portal ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2924 (IBM Infosphere BigInsights is vulnerable to cross-site
scripting, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2923 (IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9
Liberty ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2922
RESERVED
CVE-2016-2921
@@ -36601,17 +36601,17 @@
CVE-2016-2918
RESERVED
CVE-2016-2917 (The notifications component in IBM TRIRIGA Applications 10.4
and 10.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2916
RESERVED
CVE-2016-2915
RESERVED
CVE-2016-2914 (Unrestricted file upload vulnerability in the Document Builder
in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2913
RESERVED
CVE-2016-2912 (Cross-site scripting (XSS) vulnerability in the Document
Builder in ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2911
RESERVED
CVE-2016-2910
@@ -36619,7 +36619,7 @@
CVE-2016-2909
RESERVED
CVE-2016-2908 (IBM Single Sign On for Bluemix could allow a remote attacker to
obtain ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2907
RESERVED
CVE-2016-2906
@@ -36633,7 +36633,7 @@
CVE-2016-2902
RESERVED
CVE-2016-2901 (Cross-site request forgery (CSRF) vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2900
RESERVED
CVE-2016-2899
@@ -36647,7 +36647,7 @@
CVE-2016-2895
RESERVED
CVE-2016-2894 (IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5
through 6.3 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2893
RESERVED
CVE-2016-2892
@@ -36657,63 +36657,63 @@
CVE-2016-2890
RESERVED
CVE-2016-2889 (Cross-site request forgery (CSRF) vulnerability in the Report
Builder ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2888 (Cross-site scripting (XSS) vulnerability in the Report Builder
and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2887 (IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for
Microsoft ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2886
RESERVED
CVE-2016-2885
RESERVED
CVE-2016-2884 (Cross-site request forgery (CSRF) vulnerability in IBM Forms
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2883 (Cross-site scripting (XSS) vulnerability in IBM TRIRIGA
Application ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2882 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2881 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7
and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2880
RESERVED
CVE-2016-2879
RESERVED
CVE-2016-2878 (Multiple cross-site request forgery (CSRF) vulnerabilities in
IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2877 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7
uses weak ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2876 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7
executes ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2875 (IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows
remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2874 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2873 (SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2
Patch 13 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2872 (Directory traversal vulnerability in IBM Security QRadar SIEM
7.2.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2871 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7
uses ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2870 (Buffer overflow in the CLI on IBM WebSphere DataPower XC10
appliances ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2869 (Multiple cross-site scripting (XSS) vulnerabilities in the UI
in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2868 (IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2867 (IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before
4.1.1.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2866 (An unspecified vulnerability in IBM Jazz Team Server may
disclose some ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2865 (The GIT Integration component in IBM Rational Team Concert
(RTC) 5.x ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2864 (Cross-site scripting (XSS) vulnerability in IBM Rational
Collaborative ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2863 (Cross-site request forgery (CSRF) vulnerability in IBM
WebSphere ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2862 (Cross-site scripting (XSS) vulnerability in IBM WebSphere
Commerce 6.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2861 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2860 (The newEntry function in ptserver/ptprocs.c in OpenAFS before
1.6.17 ...)
{DSA-3569-1 DLA-493-1}
- openafs 1.6.17-1
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
