diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2019-03-27 21:33:31 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2019-03-27 21:34:39 +0100 |
| commit | a00097c7a559a87975d59a50631ab082923855ed (patch) | |
| tree | d2f8dc3bf7b6d6f055a7f159abc855a8a94b6874 | |
| parent | 8ae3c5629fabc60dbf53dfbcd455f20aca4bc15d (diff) | |
Process NFUs
| -rw-r--r-- | data/CVE/2010.list | 2 | ||||
| -rw-r--r-- | data/CVE/2014.list | 14 | ||||
| -rw-r--r-- | data/CVE/2015.list | 10 | ||||
| -rw-r--r-- | data/CVE/2017.list | 4 | ||||
| -rw-r--r-- | data/CVE/2018.list | 22 | ||||
| -rw-r--r-- | data/CVE/2019.list | 18 |
6 files changed, 35 insertions, 35 deletions
diff --git a/data/CVE/2010.list b/data/CVE/2010.list index 8e2bb7232f..8236f775d2 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -73,7 +73,7 @@ CVE-2010-5307 (The HIPAA configuration interface in GE Healthcare Optima MR360 h CVE-2010-5306 (GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default pass ...) NOT-FOR-US: GE Healthcare Optima CVE-2010-5305 (The potential exists for exposure of the product's password used to re ...) - TODO: check + NOT-FOR-US: Rockwell CVE-2010-5304 RESERVED NOT-FOR-US: RealVNC diff --git a/data/CVE/2014.list b/data/CVE/2014.list index aa3d75a727..5733657019 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -2694,11 +2694,11 @@ CVE-2014-9191 (The CodeWrights HART Device Type Manager (DTM) library in Emerson CVE-2014-9190 (Stack-based buffer overflow in Schneider Electric Wonderware InTouch A ...) NOT-FOR-US: Schneider Electric CVE-2014-9189 (Multiple stack-based buffer overflow vulnerabilities were found in Hon ...) - TODO: check + NOT-FOR-US: Honeywell Experion PKS CVE-2014-9188 (Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Elec ...) NOT-FOR-US: Schneider Electric ProClima CVE-2014-9187 (Multiple heap-based buffer overflow vulnerabilities exist in Honeywell ...) - TODO: check + NOT-FOR-US: Honeywell Experion PKS CVE-2014-9186 RESERVED CVE-2014-9185 (Static code injection vulnerability in install.php in Morfy CMS 1.05 a ...) @@ -11871,13 +11871,13 @@ CVE-2014-5436 CVE-2014-5435 RESERVED CVE-2014-5434 (Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) wi ...) - TODO: check + NOT-FOR-US: Baxter SIGMA Spectrum Infusion System CVE-2014-5433 (An unauthenticated remote attacker may be able to execute commands to ...) - TODO: check + NOT-FOR-US: Baxter SIGMA Spectrum Infusion System CVE-2014-5432 (Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) wi ...) - TODO: check + NOT-FOR-US: Baxter SIGMA Spectrum Infusion System CVE-2014-5431 (Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) wi ...) - TODO: check + NOT-FOR-US: Baxter SIGMA Spectrum Infusion System CVE-2014-5430 (Untrusted search path vulnerability in ABB RobotStudio 5.6x before 5.6 ...) NOT-FOR-US: ABB RobotStudio CVE-2014-5429 (DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and ...) @@ -11937,7 +11937,7 @@ CVE-2014-5403 (Hospira MedNet before 6.1 uses hardcoded cryptographic keys for p CVE-2014-5402 REJECTED CVE-2014-5401 (Hospira MedNet software version 5.8 and prior uses vulnerable versions ...) - TODO: check + NOT-FOR-US: Hospira CVE-2014-5400 (The installation component in Hospira MedNet before 6.1 places clearte ...) NOT-FOR-US: Hospira MedNet CVE-2014-5399 (SQL injection vulnerability in Schneider Electric Wonderware Informati ...) diff --git a/data/CVE/2015.list b/data/CVE/2015.list index 9d884bf3ef..b2bfda44ef 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -15408,15 +15408,15 @@ CVE-2015-3958 (Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibl CVE-2015-3957 (Hospira LifeCare PCA Infusion System before 7.0 stores private keys an ...) NOT-FOR-US: Hospira LifeCare CVE-2015-3956 (Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infus ...) - TODO: check + NOT-FOR-US: Hospira CVE-2015-3955 (Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5. ...) NOT-FOR-US: Hospira LifeCare CVE-2015-3954 (Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infus ...) - TODO: check + NOT-FOR-US: Hospira CVE-2015-3953 (Hard-coded accounts may be used to access Hospira Plum A+ Infusion Sys ...) - TODO: check + NOT-FOR-US: Hospira CVE-2015-3952 (Wireless keys are stored in plain text on Hospira Plum A+ Infusion Sys ...) - TODO: check + NOT-FOR-US: Hospira CVE-2015-3951 (RLE Nova-Wind Turbine HMI devices store cleartext credentials, which a ...) NOT-FOR-US: RLE Nova-Wind Turbines CVE-2015-3950 (Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on ...) @@ -24021,7 +24021,7 @@ CVE-2015-1014 (A successful exploit of these vulnerabilities requires the local CVE-2015-1013 (OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure tha ...) NOT-FOR-US: OSIsoft PI AF and OSIsoft PI SQL for AF CVE-2015-1012 (Wireless keys are stored in plain text on version 5 of the Hospira Lif ...) - TODO: check + NOT-FOR-US: Hospira CVE-2015-1011 (Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credenti ...) NOT-FOR-US: Hospira LifeCare CVE-2015-1010 (Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does n ...) diff --git a/data/CVE/2017.list b/data/CVE/2017.list index b6f502cc74..feaa622522 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -44727,7 +44727,7 @@ CVE-2017-2754 CVE-2017-2753 RESERVED CVE-2017-2752 (A potential security vulnerability caused by incomplete obfuscation of ...) - TODO: check + NOT-FOR-US: Tommy Hilfiger TH24/7 Android app CVE-2017-2751 (A BIOS password extraction vulnerability has been reported on certain ...) NOT-FOR-US: firmware on HP notebooks CVE-2017-2750 (Insufficient Solution DLL Signature Validation allows potential execut ...) @@ -44735,7 +44735,7 @@ CVE-2017-2750 (Insufficient Solution DLL Signature Validation allows potential e CVE-2017-2749 RESERVED CVE-2017-2748 (A potential security vulnerability caused by the use of insecure (http ...) - TODO: check + NOT-FOR-US: Isaac Mizrahi Smartwatch mobile app CVE-2017-2747 (HP has identified a potential security vulnerability before IG_11_00_0 ...) NOT-FOR-US: HP printers CVE-2017-2746 (Potential security vulnerabilities have been identified with HP JetAdv ...) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 2ed05323db..f3c078b8cd 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -5218,7 +5218,7 @@ CVE-2018-19018 (An access of uninitialized pointer vulnerability in CX-Superviso CVE-2018-19017 (Several use after free vulnerabilities have been identified in CX-Supe ...) NOT-FOR-US: CX-Supervisor CVE-2018-19016 (Rockwell Automation EtherNet/IP Web Server Modules 1756-EWEB (includes ...) - TODO: check + NOT-FOR-US: Rockwell Automation CVE-2018-19015 (An attacker could inject commands to launch programs and create, write ...) NOT-FOR-US: CX-Supervisor CVE-2018-19014 (Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all ver ...) @@ -5262,7 +5262,7 @@ CVE-2018-18996 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in u CVE-2018-18995 (Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all ...) NOT-FOR-US: ABB GATE-E2 CVE-2018-18994 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows an out of bounds ...) - TODO: check + NOT-FOR-US: LCDS Laquis SCADA CVE-2018-18993 (Two stack-based buffer overflow vulnerabilities have been discovered i ...) NOT-FOR-US: CX-One CVE-2018-18992 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user in ...) @@ -12342,7 +12342,7 @@ CVE-2018-16209 CVE-2018-16208 RESERVED CVE-2018-16207 (PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows ...) - TODO: check + NOT-FOR-US: PowerAct Pro Master Agent for Windows CVE-2018-16206 (Cross-site scripting vulnerability in WordPress plugin spam-byebye 2.2 ...) NOT-FOR-US: Wordpress plugin CVE-2018-16205 (Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows ...) @@ -13366,15 +13366,15 @@ CVE-2018-15819 CVE-2018-15818 (An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker ...) NOT-FOR-US: Repute ARForms CVE-2018-15817 (FastStone Image Viewer 6.5 has a Read Access Violation on Block Data M ...) - TODO: check + NOT-FOR-US: FastStone Image Viewer CVE-2018-15816 (FastStone Image Viewer 6.5 has a Read Access Violation on Block Data M ...) - TODO: check + NOT-FOR-US: FastStone Image Viewer CVE-2018-15815 (FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted is ...) - TODO: check + NOT-FOR-US: FastStone Image Viewer CVE-2018-15814 (FastStone Image Viewer 6.5 has a User Mode Write AV starting at image0 ...) - TODO: check + NOT-FOR-US: FastStone Image Viewer CVE-2018-15813 (FastStone Image Viewer 6.5 has a User Mode Write AV starting at image0 ...) - TODO: check + NOT-FOR-US: FastStone Image Viewer CVE-2018-15812 RESERVED CVE-2018-15811 @@ -39538,15 +39538,15 @@ CVE-2018-5929 CVE-2018-5928 RESERVED CVE-2018-5927 (HP Support Assistant before 8.7.50.3 allows an unauthorized person wit ...) - TODO: check + NOT-FOR-US: HP Support Assistant CVE-2018-5926 (A potential vulnerability has been identified in HP Remote Graphics So ...) - TODO: check + NOT-FOR-US: HP CVE-2018-5925 (A security vulnerability has been identified with certain HP Inkjet pr ...) NOT-FOR-US: HP Inkjet printers CVE-2018-5924 (A security vulnerability has been identified with certain HP Inkjet pr ...) NOT-FOR-US: HP Inkjet printers CVE-2018-5923 (In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed ...) - TODO: check + NOT-FOR-US: HP CVE-2018-5922 RESERVED CVE-2018-5921 (A potential security vulnerability has been identified with certain HP ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index f723d878cf..c3adf029e1 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -1,9 +1,9 @@ CVE-2019-10239 RESERVED CVE-2019-10238 (Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via the file ...) - TODO: check + NOT-FOR-US: Sitemagic CMS CVE-2019-10237 (S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via th ...) - TODO: check + NOT-FOR-US: S-CMS PHP CVE-2019-10236 RESERVED CVE-2019-10235 @@ -281,7 +281,7 @@ CVE-2019-10101 CVE-2019-10100 RESERVED CVE-2019-1000031 (A disk space or quota exhaustion issue exists in article2pdf_getfile.p ...) - TODO: check + NOT-FOR-US: article2pdf Wordpress plugin CVE-2019-10099 RESERVED CVE-2019-10098 @@ -870,7 +870,7 @@ CVE-2019-1010259 CVE-2019-1010258 RESERVED CVE-2019-1010257 (An Information Disclosure / Data Modification issue exists in article2 ...) - TODO: check + NOT-FOR-US: article2pdf Wordpress plugin CVE-2019-1010256 RESERVED CVE-2019-1010255 @@ -1442,13 +1442,13 @@ CVE-2019-9865 CVE-2019-9864 RESERVED CVE-2019-9863 (Due to the use of an insecure algorithm for rolling codes in the ABUS ...) - TODO: check + NOT-FOR-US: ABUS CVE-2019-9862 (An issue was discovered on ABUS Secvest wireless alarm system FUAA5000 ...) - TODO: check + NOT-FOR-US: ABUS CVE-2019-9861 RESERVED CVE-2019-9860 (Due to unencrypted signal communication and predictability of rolling ...) - TODO: check + NOT-FOR-US: ABUS CVE-2019-9859 RESERVED CVE-2019-9858 @@ -10647,9 +10647,9 @@ CVE-2019-5929 CVE-2019-5928 RESERVED CVE-2019-5927 (Directory traversal vulnerability in 'an' App for iOS Version 3.2.0 an ...) - TODO: check + NOT-FOR-US: 'an' App for iOS CVE-2019-5926 (Cross-site scripting vulnerability in KinagaCMS versions prior to 6.5 ...) - TODO: check + NOT-FOR-US: KinagaCMS CVE-2019-5925 (Cross-site scripting vulnerability in Dradis Community Edition Dradis ...) NOT-FOR-US: Dradis CVE-2019-5924 (Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 ...) |