Author: geissert
Date: 2014-06-18 21:20:38 +0000 (Wed, 18 Jun 2014)
New Revision: 27356
Modified:
data/CVE/list
Log:
some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-18 19:47:22 UTC (rev 27355)
+++ data/CVE/list 2014-06-18 21:20:38 UTC (rev 27356)
@@ -7,13 +7,13 @@
CVE-2014-4191 (The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share
for C ...)
TODO: check
CVE-2014-4190 (Multiple heap-based buffer overflows in Huawei Campus Series
Switches ...)
- TODO: check
+ NOT-FOR-US: Huawei Campus Series Switches
CVE-2014-4189 (Cross-site scripting (XSS) vulnerability in Hitachi Tuning
Manager ...)
- TODO: check
+ NOT-FOR-US: Hitachi Tuning Manager
CVE-2014-4188 (Cross-site request forgery (CSRF) vulnerability in Hitachi
Tuning ...)
- TODO: check
+ NOT-FOR-US: Hitachi Tuning Manager
CVE-2014-4187 (Cross-site scripting (XSS) vulnerability in signup.php in
ClipBucket ...)
- TODO: check
+ NOT-FOR-US: ClipBucket
CVE-2014-4186
RESERVED
CVE-2014-4185
@@ -58,17 +58,17 @@
CVE-2014-4165 (Cross-site scripting (XSS) vulnerability in ntop allows remote
...)
- ntop <unfixed> (bug #751946)
CVE-2014-4164 (Cross-site scripting (XSS) vulnerability in AlogoSec FireFlow
6.3-b230 ...)
- TODO: check
+ NOT-FOR-US: AlogoSec FireFlow
CVE-2014-4163 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
TODO: check
CVE-2014-4162 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
- TODO: check
+ NOT-FOR-US: Zyxel P-660HW-T1 wireless
CVE-2014-4161 (Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in
SAP ...)
- TODO: check
+ NOT-FOR-US: SAP Supplier Relationship Management
CVE-2014-4160 (Multiple cross-site scripting (XSS) vulnerabilities in the
testcanvas ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver Business Client
CVE-2014-4159 (Open redirect vulnerability in SAP Supplier Relationship
Management ...)
- TODO: check
+ NOT-FOR-US: SAP Supplier Relationship Management
CVE-2014-4158 (Stack-based buffer overflow in Kolibri 2.0 allows remote
attackers to ...)
TODO: check
CVE-2014-4156
@@ -296,13 +296,13 @@
CVE-2014-4036 (Cross-site scripting (XSS) vulnerability in
modules/system/admin.php ...)
TODO: check
CVE-2014-4035 (Cross-site scripting (XSS) vulnerability in booking_details.php
in ...)
- TODO: check
+ NOT-FOR-US: Advance Hotel Booking System
CVE-2014-4034 (SQL injection vulnerability in zero_view_article.php in ZeroCMS
1.0 ...)
- TODO: check
+ NOT-FOR-US: ZeroCMS
CVE-2014-4033 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Epignosis eFront
CVE-2014-4032 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Fiyo CMS
CVE-2014-4031
RESERVED
CVE-2014-4030
@@ -480,9 +480,9 @@
CVE-2014-3978
RESERVED
CVE-2014-3977 (libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local
users to ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2014-3976 (Buffer overflow in A10 Networks Advanced Core Operating System
(ACOS) ...)
- TODO: check
+ NOT-FOR-US: A10 Networks Advanced Core Operating System
CVE-2014-3975 (Absolute path traversal vulnerability in filemanager.php in
AuraCMS ...)
NOT-FOR-US: AuraCMS
CVE-2014-3974 (Cross-site scripting (XSS) vulnerability in filemanager.php in
AuraCMS ...)
@@ -621,11 +621,11 @@
CVE-2014-3914
RESERVED
CVE-2014-3913 (Stack-based buffer overflow in AccessServer32.exe in Ericom
AccessNow ...)
- TODO: check
+ NOT-FOR-US: Ericom AccessNow Server
CVE-2014-3912 (Stack-based buffer overflow in the FindConfigChildeKeyList
method in ...)
- TODO: check
+ NOT-FOR-US: Samsung iPOLiS Device Manager
CVE-2014-3911 (Samsung iPOLiS Device Manager before 1.8.7 allow remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Samsung iPOLiS Device Manager
CVE-2014-3910
RESERVED
CVE-2014-3909
@@ -881,11 +881,11 @@
CVE-2014-3815
RESERVED
CVE-2014-3814 (The Juniper Networks NetScreen Firewall devices with ScreenOS
before ...)
- TODO: check
+ NOT-FOR-US: Juniper Networks NetScreen Firewall
CVE-2014-3813 (Unspecified vulnerability in the Juniper Networks NetScreen
Firewall ...)
- TODO: check
+ NOT-FOR-US: Juniper Networks NetScreen Firewall
CVE-2014-3812 (The Juniper Junos Pulse Secure Access Service (SSL VPN) devices
with ...)
- TODO: check
+ NOT-FOR-US: Juniper Junos Pulse Secure Access Service
CVE-2014-3811
RESERVED
CVE-2014-3810
@@ -1751,7 +1751,7 @@
CVE-2014-3429
RESERVED
CVE-2014-3428 (Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones
with ...)
- TODO: check
+ NOT-FOR-US: Yealink VoIP Phones
CVE-2014-3427
RESERVED
CVE-2014-3420
@@ -2005,17 +2005,17 @@
CVE-2014-3296
RESERVED
CVE-2014-3295 (The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: Cisco NX-OS
CVE-2014-3294 (Cisco WebEx Meeting Server does not properly restrict the
content of ...)
- TODO: check
+ NOT-FOR-US: Cisco WebEx Meeting Server
CVE-2014-3293
RESERVED
CVE-2014-3292 (The Real Time Monitoring Tool (RTMT) implementation in Cisco
Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2014-3291 (Cisco Wireless LAN Controller (WLC) devices allow remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2014-3290 (The mDNS implementation in Cisco IOS XE 3.12S does not properly
...)
- TODO: check
+ NOT-FOR-US: Cisco IOS XE
CVE-2014-3289 (Cross-site scripting (XSS) vulnerability in the web management
...)
TODO: check
CVE-2014-3288
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
