Author: carnil
Date: 2015-05-27 19:47:51 +0000 (Wed, 27 May 2015)
New Revision: 34556
Modified:
data/CVE/list
Log:
Update NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-27 19:25:24 UTC (rev 34555)
+++ data/CVE/list 2015-05-27 19:47:51 UTC (rev 34556)
@@ -2949,7 +2949,7 @@
CVE-2015-2946 (Stack-based buffer overflow in the Open CAD Format Council SXF
common ...)
TODO: check
CVE-2015-2945 (mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before
2015-05-15 does ...)
- TODO: check
+ NOT-FOR-US: Hajime Fujimoto mt-phpincgi
CVE-2015-2944
RESERVED
CVE-2015-2943
@@ -5323,7 +5323,7 @@
CVE-2015-2124
RESERVED
CVE-2015-2123 (Unspecified vulnerability in HP NonStop Safeguard Security
Software ...)
- TODO: check
+ NOT-FOR-US: HP NonStop Safeguard Security Software
CVE-2015-2122 (The REST layer on HP SDN VAN Controller devices 2.5 and earlier
allows ...)
NOT-FOR-US: HP
CVE-2015-2121 (HP Network Virtualization for LoadRunner and Performance Center
8.61 ...)
@@ -5829,7 +5829,7 @@
CVE-2015-1922
RESERVED
CVE-2015-1921 (Open redirect vulnerability in IBM WebSphere Portal 8.0.0
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1920 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47,
7.0 ...)
NOT-FOR-US: IBM
CVE-2015-1919
@@ -5851,11 +5851,11 @@
CVE-2015-1912
RESERVED
CVE-2015-1911 (Cross-site scripting (XSS) vulnerability in Sterling Order
Management ...)
- TODO: check
+ NOT-FOR-US: Sterling Order Management
CVE-2015-1910 (Cross-site scripting (XSS) vulnerability in the Reference Data
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1909 (The XML parser in the Reference Data Management component in
the ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1908 (Cross-site scripting (XSS) vulnerability in IBM WebSphere
Portal 6.1.0 ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2015-1907 (The Administration and Reporting Tool in IBM Rational License
Key ...)
@@ -5875,17 +5875,17 @@
CVE-2015-1900
RESERVED
CVE-2015-1899 (IBM WebSphere Portal 8.5 through CF05 allows remote attackers
to cause ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1898 (Stack-based buffer overflow in the FastBackMount process in IBM
Tivoli ...)
NOT-FOR-US: IBM
CVE-2015-1897 (Stack-based buffer overflow in the FastBackMount process in IBM
Tivoli ...)
NOT-FOR-US: IBM
CVE-2015-1896 (Stack-based buffer overflow in the FastBackMount process in IBM
Tivoli ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1895 (IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 relies
on ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1894 (Cross-site request forgery (CSRF) vulnerability in IBM
InfoSphere ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-1893 (The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3
allows ...)
NOT-FOR-US: IBM WebSphere
CVE-2015-1892 (The Multicast DNS (mDNS) responder in IBM Security Access
Manager for ...)
@@ -8927,7 +8927,7 @@
CVE-2015-1009
RESERVED
CVE-2015-1008 (SQL injection vulnerability in Emerson AMS Device Manager
before 13 ...)
- TODO: check
+ NOT-FOR-US: Emerson AMS Device Manager
CVE-2015-1007
RESERVED
CVE-2015-1006
@@ -9022,9 +9022,9 @@
CVE-2015-0963
RESERVED
CVE-2015-0962 (Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL
Inspection ...)
- TODO: check
+ NOT-FOR-US: Barracuda Web Filter
CVE-2015-0961 (Barracuda Web Filter before 8.1.0.005, when SSL Inspection is
enabled, ...)
- TODO: check
+ NOT-FOR-US: Barracuda Web Filter
CVE-2015-0960
RESERVED
CVE-2015-0959
@@ -9076,7 +9076,7 @@
CVE-2015-0936
RESERVED
CVE-2015-0935 (Bomgar Remote Support before 15.1.1 allows remote attackers to
execute ...)
- TODO: check
+ NOT-FOR-US: Bomgar Remote Support
CVE-2015-0934 (Common LaTeX Service Interface (CLSI) before 0.1.3, as used in
...)
NOT-FOR-US: ShareLaTeX
CVE-2015-0933 (Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and
earlier, ...)
@@ -9853,7 +9853,7 @@
CVE-2015-0751
RESERVED
CVE-2015-0750 (The administrative web interface in Cisco Hosted Collaboration
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-0749
RESERVED
CVE-2015-0748
@@ -9909,7 +9909,7 @@
CVE-2015-0723 (The wireless web-authentication subsystem on Cisco Wireless LAN
...)
NOT-FOR-US: Cisco
CVE-2015-0722 (The network drivers in Cisco TelePresence T, Cisco TelePresence
TE, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-0721
RESERVED
CVE-2015-0720
@@ -9927,7 +9927,7 @@
CVE-2015-0714 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco
Finesse ...)
NOT-FOR-US: Cisco Finesse
CVE-2015-0713 (The web framework in Cisco TelePresence Advanced Media Gateway
Series ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2015-0712 (The session-manager service in Cisco StarOS 12.0, 12.2(300),
14.0, and ...)
NOT-FOR-US: Cisco StarOS
CVE-2015-0711 (The hamgr service in the IPv6 Proxy Mobile (PM) implementation
in ...)
@@ -10927,7 +10927,7 @@
CVE-2015-0541
RESERVED
CVE-2015-0540 (SQL injection vulnerability in the xAdmin interface in EMC
Document ...)
- TODO: check
+ NOT-FOR-US: EMC Document Sciences xPression
CVE-2015-0539
RESERVED
CVE-2015-0538 (ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508
HF4 ...)
@@ -13269,7 +13269,7 @@
CVE-2015-0181
RESERVED
CVE-2015-0180 (The Connector Migration Tool in IBM InfoSphere Information
Server 8.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0179 (Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3
FP6 IF6 ...)
NOT-FOR-US: IBM Domino
CVE-2015-0178 (The Java overlay feature in IBM Bluemix Liberty before ...)
@@ -13287,13 +13287,13 @@
CVE-2015-0172
RESERVED
CVE-2015-0171 (Directory traversal vulnerability in IBM Security SiteProtector
System ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0170 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0169 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0168 (Cross-site scripting (XSS) vulnerability in IBM Security
SiteProtector ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0167 (Cross-site scripting (XSS) vulnerability in
textAngular-sanitize.js in ...)
NOT-FOR-US: textAngular
CVE-2015-0166
@@ -13307,9 +13307,9 @@
CVE-2015-0162
RESERVED
CVE-2015-0161 (SQL injection vulnerability in IBM Security SiteProtector
System 3.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0160 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0159
REJECTED
CVE-2015-0158 (Cross-site scripting (XSS) vulnerability in the Coach NG
framework in ...)
@@ -13317,7 +13317,7 @@
CVE-2015-0157
RESERVED
CVE-2015-0156 (Cross-site scripting (XSS) vulnerability in IBM Business
Process ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0155
RESERVED
CVE-2015-0154
@@ -13349,7 +13349,7 @@
CVE-2015-0141
RESERVED
CVE-2015-0140 (An unspecified ActiveX control in IBM SPSS Statistics 22.0
through FP1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0139 (Cross-site scripting (XSS) vulnerability in IBM WebSphere
Portal 8.0.0 ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2015-0138 (GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before ...)
@@ -13389,7 +13389,7 @@
CVE-2015-0121
RESERVED
CVE-2015-0120 (Buffer overflow in the FastBackMount process in IBM Tivoli
Storage ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-0119 (FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x
before ...)
NOT-FOR-US: IBM Tivoli Storage Manager FastBack
CVE-2015-0118
@@ -13778,9 +13778,9 @@
CVE-2014-8928
RESERVED
CVE-2014-8927 (Common Inventory Technology (CIT) before 2.7.0.2050 in IBM
License ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-8926 (Common Inventory Technology (CIT) before 2.7.0.2050 in IBM
License ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-8925 (Cross-site request forgery (CSRF) vulnerability in ClearQuest
Web in ...)
NOT-FOR-US: IBM
CVE-2014-8924 (The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5
before ...)
@@ -20684,11 +20684,11 @@
CVE-2014-6193 (IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0
before CF04, ...)
NOT-FOR-US: IBM
CVE-2014-6192 (Cross-site scripting (XSS) vulnerability in IBM Curam Social
Program ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6191
RESERVED
CVE-2014-6190 (The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7
allows ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6189
RESERVED
CVE-2014-6188 (Multiple cross-site scripting (XSS) vulnerabilities in IBM
WebSphere ...)
@@ -23972,7 +23972,7 @@
CVE-2014-4779
RESERVED
CVE-2014-4778 (IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager
for ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-4777
RESERVED
CVE-2014-4776 (IBM License Metric Tool 9 before 9.1.0.2 does not have an off
...)
@@ -23980,7 +23980,7 @@
CVE-2014-4775 (IBM InfoSphere Master Data Management - Collaborative Edition
10.x ...)
NOT-FOR-US: IBM
CVE-2014-4774 (Cross-site request forgery (CSRF) vulnerability in the login
page in ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-4773
RESERVED
CVE-2014-4772
@@ -31034,7 +31034,7 @@
CVE-2014-2175 (Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x
and 6.0 ...)
NOT-FOR-US: Cisco
CVE-2014-2174 (Cisco TelePresence T, TelePresence TE, and TelePresence TC
before 7.1 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-2173 (Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x
and 6.0 ...)
NOT-FOR-US: Cisco
CVE-2014-2172 (Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x
and TE ...)
@@ -58287,7 +58287,7 @@
CVE-2012-5850
RESERVED
CVE-2012-5849 (Multiple SQL injection vulnerabilities in ClipBucket 2.6
Revision 738 ...)
- TODO: check
+ NOT-FOR-US: ClipBucket
CVE-2012-5854 (Heap-based buffer overflow in WeeChat 0.3.6 through 0.3.9
allows ...)
- weechat 0.3.9.1-1 (bug #693026)
[wheezy] - weechat 0.3.8-1+deb7u1
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
